Re: mysqld Privilege Escalation

From: Renaud Deraison (deraisonat_private)
Date: Thu Apr 03 2003 - 04:33:05 PST

Next message: sulloat_private: "update for smtpscan fingerprints"

Previous message: Vincent Renardias: "Re: mysqld Privilege Escalation"
In reply to: Vincent Renardias: "Re: mysqld Privilege Escalation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Apr 03, 2003 at 02:24:40PM +0200, Vincent Renardias wrote:
> The problem is Nessus scripts connect several times just to determine
> the MySQL version, so the nessusd host is quite rapidly blacklisted
> after 10 attempts.
> The following patch stores the mysql version string in the KB and the
> other scripts use this key instead of connecting directly. While trying
> it, it did allow Nessus to find a few more vulnerabilities.
> May I commit it to CVS ?

Please do.

Next message: sulloat_private: "update for smtpscan fingerprints"
Previous message: Vincent Renardias: "Re: mysqld Privilege Escalation"
In reply to: Vincent Renardias: "Re: mysqld Privilege Escalation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Apr 03 2003 - 04:33:33 PST