Irregular Expressions

Mar 29 2011   9:50PM GMT

Blind SQL Injection on mysql.com

Dan O'Connor Dan O'Connor Profile: Dan O'Connor

Weekend break-in at mysql.com, there is a posting on the full disclosure mailing list here;

http://seclists.org/fulldisclosure/2011/Mar/309

The posting includes the structure of the db also usernames and password hashes.  I don’t see any postings from mysql.com acknowledging the breach.

Although the possible direct damage from this may have been defacement or maybe a malware ad, as in most places and from what happened with HBGary I bet there is password reuse going on.  This could have lead to a more serious breach if there was accesses.  I would think from how this was done that the hacker could not get any farther in from that system, I can’t seem them getting the database and just stopping.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: