[TriLUG] Security holes. Revealed by searching yahoo and google

David McDowell turnpike420 at gmail.com
Fri Jan 14 16:16:20 EST 2005


I'm not sure I understand how I am supposed to check myself for this
possible flaw.

thanks,
David


On Thu, 13 Jan 2005 15:31:50 -0500, Mike Fieschko
<mike.fieschko at devmike.com> wrote:
> Misconfigured MySQL servers accessible though phpmyadmin:
> 
> http://www.threadwatch.org/node/1082
> 
> [begin quoting]
> 
> Hot on the heals of the recent Google unsecured Webcams search news
> comes in via rumours at threadwatch.org of an even more serious security
> breach made available by search engine queries.
> 
> The latest discovery is that you can search for export processes
> language changelog phpmyadmin at Yahoo and return a list of open,
> vulnerable MySQL database servers.
> 
> In the wrong hands, and with a little advanced search knowledge that
> query can be tweaked to find ecom sites and all manner of havoc wreaked.
> 
> Yahoo! have been alerted, but at the moment the vulnerability is still
> easily found. This is not Yahoo's fault of course, this is a problem
> with the hugely poplular Open Source MySQL database and the way in which
> it has been deployed on some websites. The search just hightlights those
> servers able to be manipulated.
> 
> You can do the same search on Google, but it's less accessible as you
> have to add filter=0 to the end of the url string.
> 
> ADDED: Testing 1,2,3....
> 
> I've just tested this on a staged install by a friend and can assert
> that it works well. I was able to delete tables and access data very
> simply.
> 
> By Nick W at Jan 13 2005 - 12:12
> 
> [end quoting]
> 
> Mike Fieschko
> Raleigh, NC
> 
> --
> TriLUG mailing list        : http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ  : http://trilug.org/faq/
> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
> TriLUG PGP Keyring         : http://trilug.org/~chrish/trilug.asc
>



More information about the TriLUG mailing list