Newest Industry

Evolving the Online Performance Experience

Stupid MySQL Injection Attack

leave a comment »

Someone exploited a hole in the version of MySQL I was running (4.1.10) this morning by sending the following malformed URL:

http://www.newestindustry.org/index.php/2005/04/
2005-04-14-13:33:16%7c-1%7c104%7c2005-04-14-13:33:04%7c151.99.208.233
%7c3%7c-1%7c0%7c-1%7c0%7c-1%7c-1%7c10%7c-1%7c7%7c7%7c

http://www.newestindustry.org/index.php/2005/04/2005-04-14-13:33:16

%7c-1%7c104%7c2005-04-14-13:33:04%7c151.99

You can try it now, but it does not cause the database to crash anymore, because I have upgraded to MySQL 4.1.11.

DOH!

Advertisement

Written by Stephen

April 14 2005 at 08:01

Posted in Uncategorized

«
»

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 269 other followers