WinMySQLadmin1.1 stores Mysql password vulnerabilities in plaintext-database-PHP Tutorial-micro. WinMySQLadmin1.1 stores Mysql password in plaintext. Source: involved program: WinMySQLadmin details: WinMySQLadmin is a Mysql management software. it was found that WinMySQLadmin 1.1 stores Mysql password in plaintext.
Source:
Involved procedures:
WinMySQLadmin
Details:
WinMySQLadmin is a Mysql management software that stores the Mysql password in the c: winntmy. ini file in plaintext.
--- ---
# This File was made using the WinMySQLadmin 1.1 Tool
[Mysqld]
Basedir = C:/mysql
Datadir = C:/mysql/data
[WinMySQLadmin]
Server = C:/mysql/bin/mysqld-nt.exe
User = admin
Password = XXXXX (in clear text)
QueryInterval = 30
--- ---
Attackers can exploit this vulnerability to obtain database administrator privileges if they can traverse affected systems. For example:
Http://packetstormsecurity.org/9905-exploits/ms.iis4.showcode.txt
Http://www.bkjia.com/PHPjc/631437.htmlwww.bkjia.comtruehttp://www.bkjia.com/PHPjc/631437.htmlTechArticleWinMySQLadmin 1.1 in plaintext form to store Mysql password vulnerability article Source: involved program: WinMySQLadmin detailed: WinMySQLadmin is a Mysql management software, found it in plaintext form...