Jump to content


Photo

MySQL and Sun hacked ...


  • Please log in to reply
No replies to this topic

#1 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 28 March 2011 - 06:49 AM

FYI...

MySQL and Sun hacked...
- http://nakedsecurity...-sql-injection/
March 27, 2011 - "Proving that no website is ever truly secure, it is being reported that MySQL.com has succumbed to an SQL injection attack. It was first disclosed to the Full Disclosure mailing list*... Several accounts had passwords like "qa". The irony is that they weren't compromised by means of their ridiculously simple passwords, but rather flaws in the implementation of their site... MySQL's parent company Sun/Oracle has also been attacked**. Both tables and emails were dumped from their databases, but no passwords. It does not appear to be a vulnerability in the MySQL software, but rather flaws in the implementation of their websites... It was noted on Twitter that mysql .com is also subject to an XSS (cross-site scripting) vulnerability that was reported in January 2011 and has not been remedied."
* http://seclists.org/..._medium=twitter

** http://tinkode27.bay...-sql-injection/

- http://blog.sucuri.n...ompromised.html
March 27, 2011 - "... If you have an account on MySQL.com, we recommend changing your passwords ASAP..."

- https://www.computer...njection_attack
March 28, 2011

:grrr: :!: :ph34r:

Edited by AplusWebMaster, 28 March 2011 - 07:54 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.




Member of UNITE
Support SpywareInfo Forum - click the button