DirectAdmin - MySQL Privilege Vulnerability
On 01-11-2013, all DirectAdmin VPS & DPS servers will be upgraded to the latest version of DirectAdmin, version 1.44.
There is a flaw within the backup system that allows an attacker to run arbitrary commands while restoring MySQL databases as root, which could ultimately lead to a root compromise.
Proof of Concept:
Due to the nature of this security flaw, we will not be posting a Proof of Concept until a much later date.
We have deemed this vulnerability to be rated as CRITICAL due to the fact that a normal user can gain an instant root shell.
This vulnerability was tested against DirectAdmin v1.43 and is believed to exist in all prior versions.
This vulnerability was patched in DirectAdmin v1.44.
Beyond that, you will notice little to nothing of this.