[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] User bypass privs for Mysql??

To: <full-disclosure@xxxxxxxxxxxxxxxx>
Subject: Re: [Full-Disclosure] User bypass privs for Mysql??
From: James Bliss <james.bliss@xxxxxxxxxxx>
Date: Tue, 18 May 2004 10:04:53 -0500

What were your other privileges.  If you did not have any grants then why 
in the heck did you have any access rights to the mysql database (not 
product) tables?  Seems that you had a DBA error, not a product error.

Jim

On Tuesday 18 May 2004 9:02 am, Esler, Joel - Contractor wrote:
> Not having any grant permissions.  I went into the mysql/user table and
> edited the Grant from N to Y.  Logged out and logged back in, and I had
> full privs including Grant.  I shouldn't be able to do this...
>
> Joel
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] User bypass privs for Mysql??
  - From: Esler, Joel - Contractor

Prev by Date: RE: [Full-Disclosure] Agobot author is a pacifist?
Next by Date: RE: [Full-Disclosure] User bypass privs for Mysql??
Previous by thread: Re: [Full-Disclosure] User bypass privs for Mysql??
Next by thread: RE: [Full-Disclosure] User bypass privs for Mysql??
Index(es):
- Date
- Thread