[Full-disclosure] Implementation of CoreST mysql vulnerability?

From: Brendan Dolan-Gavitt (mooyix_at_gmail.com)
Date: 05/18/05

  • Next message: please_reply_to_security_at_sco.com: "[Full-disclosure] UnixWare 7.1.4 : Updated mozilla fixes many security issues"
    Date: Wed, 18 May 2005 14:05:26 -0500
    To: full-disclosure@lists.grok.org.uk
    
    

    Hi,
       I've recently been looking at CoreLabs' paper on the weak
    challenge/response mechanism in MySQL v3.23 and below
    (http://www1.corest.com/corelabs/projects/protocol_design_flaws/mysql.pdf).
    They mention that there is an implementation of the attack in Python
    and Smalltalk that can be found on their website, but I haven't been
    able to unearth it if it's there at all. Does anyone have a copy or
    know where it might be found?

    Thanks,
      Brendan Dolan-Gavitt
    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.grok.org.uk/full-disclosure-charter.html
    Hosted and sponsored by Secunia - http://secunia.com/


  • Next message: please_reply_to_security_at_sco.com: "[Full-disclosure] UnixWare 7.1.4 : Updated mozilla fixes many security issues"

    Relevant Pages