sQuo Posted September 21, 2012

Rapid7 has released a tool to scan an unlimited number of IP addresses for the MySQL Authentication Bypass vulnerability, recently listed as CVE-2012-2122:

If one knows a user name to connect (and "root" almost always exists), he can connect using *any* password by repeating connection attempts. ~300 attempts takes only a fraction of a second, so basically account password protection is as good as nonexistent. Any client will do, there's no need for a special libmysqlclient library.

An exploit for this vulnerability was released on Tools Yard before.

Oracle MySQL 5.1.x before 5.1.63, 5.5.x before 5.5.24, and 5.6.x before 5.6.6, and MariaDB 5.1.x before 5.1.62, 5.2.x before 5.2.12, 5.3.x before 5.3.6, and 5.5.x before 5.5.23 are vulnerable to this bug.

At the United Security Summit last week, Rapid7's HD Moore said that of the 3 million MySQL servers discovered online, half were running without any sort of ACL (Access Control List) on the host, which means 1.5 million systems are vulnerable to CVE-2012-2122.

The tool released today will allow IT teams a quick and easy check to determine whether their MySQL deployments are vulnerable or not. The ScanNow tool is free, and can be downloaded here.

System Requirements:
OS: Windows XP / Vista / Windows 7 / Server 2003 / Server 2008 (32bit or 64bit)
HD Space: 10 MB of disk space
RAM: 1GB minimum, 2GB or more recommended
Java Version: 1.6 and later
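The bypass described in the post relies on hundreds of near-instant login retries against one account, which is an easy signal to pick out of the MySQL error log. The following is an added example (not part of the post or of Rapid7's ScanNow tool) that flags such bursts; it assumes the server writes "Access denied" warnings to its error log, which MySQL 5.1/5.5 only does when log_warnings is set above 1, and the sample log lines are constructed.

```python
import re
from collections import deque
from datetime import datetime
from typing import Dict, Optional, Tuple

# Error-log line shape written by MySQL 5.1/5.5 when log_warnings > 1
# (access-denied errors for new connections are only logged at that level).
_DENIED_RE = re.compile(
    r"^(?P<ts>\d{6}\s+\d{1,2}:\d{2}:\d{2}) \[Warning\] "
    r"Access denied for user '(?P<user>[^']*)'@'(?P<host>[^']*)'"
)


def parse_denied_line(line: str) -> Optional[Tuple[datetime, str, str]]:
    """Return (timestamp, user, host) for an access-denied line, else None."""
    m = _DENIED_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group("ts"), "%y%m%d %H:%M:%S")
    return ts, m.group("user"), m.group("host")


def find_bypass_bursts(lines, threshold: int = 50, window_seconds: int = 2):
    """Flag (user, host) pairs that reach `threshold` denied logins within
    `window_seconds`. CVE-2012-2122 needs on the order of hundreds of retries
    in well under a second, so a mistyped password never looks like this.
    Returns {(user, host): timestamp at which the burst started}."""
    recent: Dict[Tuple[str, str], deque] = {}
    bursts: Dict[Tuple[str, str], datetime] = {}
    for line in lines:
        parsed = parse_denied_line(line)
        if parsed is None:
            continue  # not an access-denied line; ignore
        ts, user, host = parsed
        key = (user, host)
        q = recent.setdefault(key, deque())
        q.append(ts)
        # Drop entries that fell out of the sliding window.
        while (ts - q[0]).total_seconds() > window_seconds:
            q.popleft()
        if len(q) >= threshold and key not in bursts:
            bursts[key] = q[0]
    return bursts


# Constructed sample: one ordinary failed login from alice, then 120 denials
# for root from a single host within the same second (the bypass pattern).
SAMPLE_LOG = [
    "120921 14:02:10 [Warning] Access denied for user 'alice'@'10.0.0.9' (using password: YES)"
] + [
    "120921 14:02:11 [Warning] Access denied for user 'root'@'10.0.0.5' (using password: YES)"
] * 120
```

The error log only has one-second resolution, so the count within a window is the signal, not the spacing between attempts; a burst like this against a server in the affected version ranges above should be treated as a likely successful bypass until the host has been patched and its accounts reviewed.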