Adobe Solution Partner

January 28, 2005

Forbot Network Worm Affects MySQL On Windows

Filed under: Databases — Mike Brunt @ 12:00 am

MySQL on Windows became the latest victim of a worm on Thursday of this week. A worm call THE FORBOT NETWORK WORM. The worm, which also has Trojan horse features, infects machines by breaking into the default administrator
or ROOT account password. With access to the MySQL root account, Forbot was programmed to use a recently-discovered exploit called the MySQL UDF Dynamic Library Exploit to upload and install malicious code to the infected system.

The MySQL 4.0 and prior releases install with a root user with no password set and it is crucial that this be put right immediately on install. The big worry is that there may be many hundreds if not thousands of such installs where people have downloaded and installed MySQL to a local desktop or workstation without properly securing it.

There are more details here.

Share and Enjoy:
  • Digg
  • del.icio.us
  • Facebook
  • Google Bookmarks
  • LinkedIn
  • StumbleUpon
  • Technorati
  • TwitThis

No Comments »

No comments yet.

RSS feed for comments on this post. TrackBack URL

Leave a comment

 

Server Down?

Maximize Web application uptime by drawing upon Webapper's years of experience tuning and stabilizing many of the world's largest ColdFusion Web applications. Contact us today!