WW
WASC Web Hacking Incidents Database
Mon, Apr 25, 2011 1:11 PM
*Entry Title: *WHID 2011-57: MySQL.com hacked via... SQL injection vuln
*WHID ID: *2011-57
*Date Occurred: *March 28, 2011
*Attack Method: *SQL Injection
*Application Weakness: *Improper Input Handling
*Outcome: *Leakage of Information
*Attacked Entity Field: *Technology
*Attacked Entity Geography: *USA
*Incident Description: *MySQL.com was hacked over the weekend via an attack
which used a blind SQL injection exploit to pull off the pawnage.
Hackers extracted usernames and password hashes from the site, which were
subsequently posted to pastebin.com.
*Mass Attack: *No
*Reference: *http://www.theregister.co.uk/2011/03/28/mysql_hack/
*Attack Source Geography: *Romainia
*Items Leaked: *usernames, passwords
*Entry Title: *WHID 2011-57: MySQL.com hacked via... SQL injection vuln
*WHID ID: *2011-57
*Date Occurred: *March 28, 2011
*Attack Method: *SQL Injection
*Application Weakness: *Improper Input Handling
*Outcome: *Leakage of Information
*Attacked Entity Field: *Technology
*Attacked Entity Geography: *USA
*Incident Description: *MySQL.com was hacked over the weekend via an attack
which used a blind SQL injection exploit to pull off the pawnage.
Hackers extracted usernames and password hashes from the site, which were
subsequently posted to pastebin.com.
*Mass Attack: *No
*Reference: *http://www.theregister.co.uk/2011/03/28/mysql_hack/
*Attack Source Geography: *Romainia
*Items Leaked: *usernames, passwords
