Mailing List Archive

mysqld Privilege Escalation
Hello,

A preliminary remark: I haven't read all the old threads in the mailing list
archive.
I found some problems when I tried to use Nessus to assess MySQL.

In fact, I tried to detect my MySQL version, but it tells me that an unknown
server is running on that port (3306), which is the standard port.
I installed MySQL from a simple RPM and I have a semi-standard
configuration, "semi" because I have added a root password.

Am I the only one who has received this error?

Then I wrote a script to find the mysqld Privilege Escalation
Vulnerability. It was written blindfold; I think it is correct, and it
doesn't run because I received the previous message.


#
# See the Nessus Scripts License for details
#
# Ref:
# http://securityfocus.com/bid/7052
#

if(description)
{
 script_id(20002);
 script_version ("$Revision: 1.0 $");

 name["english"] = "MySQL mysqld Privilege Escalation Vulnerability";
 script_name(english:name["english"]);

 desc["english"] = "
MySQL 3.23.55 and earlier creates world-writeable files
and allows mysql users to gain root privileges

Risk factor : High
Solution : Upgrade to the latest version of MySQL";

 script_description(english:desc["english"]);

 summary["english"] = "Checks for the remote MySQL version";
 script_summary(english:summary["english"]);

 # A banner-based version check gathers information from the target;
 # ACT_SETTINGS is meant for scripts that only set scan preferences.
 script_category(ACT_GATHER_INFO);

 script_copyright(english:"This script is Copyright (C) 2003 Jonny");
 family["english"] = "Misc.";
 script_family(english:family["english"]);

 script_dependencie("find_service.nes");
 script_require_ports("Services/mysql", 3306);
 exit(0);
}

#
# The script code starts here
#

port = get_kb_item("Services/mysql");
if(!port)port = 3306;

if(get_port_state(port))
{
 soc = open_sock_tcp(port);
 if(soc)
 {
  # The greeting is a 4-byte packet header, a 1-byte protocol version and
  # then the NUL-terminated version string. Reading only 10 bytes cuts the
  # version off after five characters, so read the whole greeting.
  r = recv(socket:soc, length:1024);
  close(soc);
  if(!r)exit(0);

  # Flags 3.0.x - 3.22.x and 3.23.0 - 3.23.55 (one- or two-digit patch level).
  if(ereg(pattern:"3\.(([0-9]\..*|(1[0-9]\..*)|(2[0-2]\..*))|23\.([0-9]|[0-4][0-9]|5[0-5])([^0-9]|$))",
          string:r))security_hole(port);
 }
}

If I'm wrong, please tell me.
Bye
-- Jonny

PS: Sorry for my bad English.
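
Added example, not part of the original post and not Nessus code: a Python sketch of the same banner check that parses the MySQL greeting instead of running a regex over the raw bytes, and shows that a 10-byte read cannot contain a full version string. The function names are hypothetical, the greeting layout assumed is protocol version 10 (4-byte header, protocol byte, NUL-terminated version), and the packets are constructed, not captured.

```python
import re

VULNERABLE_MAX = (3, 23, 55)  # "3.23.55 and earlier", per the script description


def parse_greeting(data: bytes):
    """Return (protocol_version, server_version) from a MySQL greeting,
    or None when the buffer is truncated or is not a greeting."""
    if len(data) < 5:
        return None
    payload_len = int.from_bytes(data[0:3], "little")  # 3-byte little-endian length
    payload = data[4:4 + payload_len]                   # byte 3 is the sequence id
    if not payload or payload[0] == 0xFF:               # 0xFF marks an error packet
        return None
    end = payload.find(b"\x00", 1)                      # version is NUL-terminated
    if end == -1:
        return None                                     # short read: terminator not seen
    return payload[0], payload[1:end].decode("ascii", "replace")


def is_vulnerable(version: str) -> bool:
    """True when the numeric part of the version is <= 3.23.55."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", version)
    if not m:
        return False
    return tuple(int(x) for x in m.groups()) <= VULNERABLE_MAX


def check(data: bytes) -> str:
    """Classify a received buffer as vulnerable, not affected or unknown."""
    parsed = parse_greeting(data)
    if parsed is None:
        return "unknown"
    return "vulnerable" if is_vulnerable(parsed[1]) else "not affected"


def make_greeting(version: str) -> bytes:
    """Build a constructed, simplified protocol-10 greeting for testing."""
    payload = (b"\x0a" + version.encode() + b"\x00"
               + (1).to_bytes(4, "little") + b"12345678\x00")
    return len(payload).to_bytes(3, "little") + b"\x00" + payload


if __name__ == "__main__":
    for v in ("3.23.55-log", "3.23.56", "3.23.9", "4.0.12"):
        pkt = make_greeting(v)
        print(v, "| full read:", check(pkt), "| first 10 bytes:", check(pkt[:10]))
```

Comparing the parsed version as a tuple of integers avoids the range mistakes that digit-class patterns invite, such as matching 3.23.56 through 3.23.59 or missing single-digit patch levels.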


