Windows Worm
am 27.01.2005 22:10:54 von ChrisSomeone brought this to our attention over in the PHP-DB list.
A worm, is traveling around through MySQL/Windows servers. It brute
forces the root password, then copies an apparently non-destructive
executable.
As far as I can tell it just guess weak/non-existent root passwords.
Discussion on SlashDot:
http://it.slashdot.org/article.pl?sid=05/01/27/1546222
The forum thread where discovered:
http://forums.whirlpool.net.au/forum-replies.cfm?t=291921&p= 1
More information:
http://isc.sans.org/diary.php?isc=a508f4a185755af19ea8bd4544 4a570b
--
MySQL Windows Mailing List
For list archives: http://lists.mysql.com/win32
To unsubscribe: http://lists.mysql.com/win32?unsub=gcdmw-win32@m.gmane.org