Bestemd voor DirectAdmin VPS & DPS eigenaars....MySQL Privilege Vulnerability 01-11-2013
Geplaatst door Mike-Support aan 02-11-2013 00:01

DirectAdmin - MySQL Privilege Vulnerability

01-11-2013 worden alle DirectAdmin VPS & DPS servers geupgrade naar de laatste versie van DirectAdmin versie:1.44

Vulnerability Description:

There is a flaw within the backup system that allows an attacker to rub arbitrary commands while restoring MySQL databases as root that could ultimately lead to a root compromise.

Proof of Concept:
Due to the nature of this security flaw, we will not be posting a Proof of Concept until a much later date.

We have deemed this vulnerability to be rated as CRITICAL due to the fact that a normal user can gain an instant root shell.

Vulnerable Version:
This vulnerability was tested against DirectAdmin v1.43 and is believed to exist in all prior versions.
Fixed Version:
This vulnerability was patched in DirectAdmin v1.44.

U zal hier verder weinig tot niets van merken........

Reacties (0)