Weak Passwords Leave Win MySQL Vulnerable

January 28, 2005

[From internetnews.com]

The Windows version of popular open source database MySQL is apparently under attack by a malicious bot (define), according to an advisory issued Thursday by the SANS Internet Storm Center (ISC).

The SANS-ISC advisory also said the binary file that carries the bot is detectable via most updated anti-virus scanners and that strong password policies would also help thwart any intrusion attempts.

The bot has been identified as a version of 'Wootbot' and takes advantage of the previously disclosed "MySQL UDF Dynamic Library Exploit" in an attempt to infect a MySQL server, according to the ISC.

The article continues at http://internetnews.com/dev-news/article.php/3465791