SydLexia.com Forum Index
"Stay awhile. Stay... FOREVER!"

  [Edit Profile]  [Search]  [Memberlist]  [Usergroups]  [FAQ]  [Register]
[Who's Online]  [Log in to check your private messages]  [Log in]
MySQL.com and Sun Hacked Via SQL Injection

SydLexia.com Forum Index » General Discussion

Reply to topic
Author Message
The Opponent
Title: Forum Battle WINNER
Joined: Feb 24 2010
Location: The Danger Zone
PostPosted: Mar 27 2011 08:22 pm Reply with quote Back to top

That's gotta be embarrassing.

Quote:
Most embarrassingly, the Director of Product Management's WordPress password was set to a four digit number... his ATM PIN perhaps? Several accounts had passwords like "qa". The irony is that they weren't compromised by means of their ridiculously simple passwords, but rather flaws in the implementation of their site.

Sun SQL disclosureMySQL's parent company Sun/Oracle has also been attacked. Both tables and emails were dumped from their databases, but no passwords.

It does not appear to be a vulnerability in the MySQL software, but rather flaws in the implementation of their websites.


I'm not a bad enough dude, but I am an edgy little shit. I'll do what I can.
 
View user's profileSend private messageVisit poster's website
Sarge
Title: The Self-Titler
Joined: Aug 14 2010
PostPosted: Mar 27 2011 08:31 pm Reply with quote Back to top

Isn't MySQL injection one of the first things website security guys are taught to guard against, right after not keeping passwords in HTML source? Nice.


Image
 
View user's profileSend private message
Display posts from previous:      
Reply to topic

 
 Jump to:   

SydLexia.com :: Credits