Re: SECURITY HOLE in MySQL module in PHP

To: brendan hack <bendy@bendys.com>
Cc: debian-security@lists.debian.org
Subject: Re: SECURITY HOLE in MySQL module in PHP
From: Ralf Dreibrodt <ralf@dreibrodt.de>
Date: Wed, 06 Feb 2002 23:51:38 +0100
Message-id: <[🔎] 3C61B37A.7FB894A8@dreibrodt.de>
References: <[🔎] Pine.LNX.4.33.0202062159470.24262-100000@aurora.nsu.ru> <[🔎] 3C61B1C7.8020805@bendys.com>

Hi,

brendan hack wrote:
> 
> I received an error saying 'test_database' not found.

of course you should change $db to you db-name.

> I then
> removed all access privileges from the anonymous user to the test
> database and received the following:
> 
> FAILED: USE test
> REASON: Access denied for user: '@localhost' to database 'test'

well, of course you need access to one php-script (to insert the command
in the exploits).
when you have this access, you can set $host to ANY mysql-server.
you do not have to have access to the mysql-server on localhost.

if you want to use the exploit and don´t have access to a mysql-server,
go to www.mysql.com and download it for linux, windows etc and use you
dialin-ip at $host.

bye
Ralf

Reply to:

References:
- SECURITY HOLE in MySQL module in PHP
  - From: "Dmitry N. Hramtsov" <hdn@nsu.ru>
- Re: SECURITY HOLE in MySQL module in PHP
  - From: brendan hack <bendy@bendys.com>

Prev by Date: Re: SECURITY HOLE in MySQL module in PHP
Next by Date: How to modify SSH2 prompt message?
Previous by thread: Re: SECURITY HOLE in MySQL module in PHP
Next by thread: Re: SECURITY HOLE in MySQL module in PHP
Index(es):
- Date
- Thread