Bugtraq mailing list archives
Re: mSQL vulnerability.
From: bambi () HUGHES COM AU (David J. Hughes)
Date: Fri, 19 Feb 1999 13:58:53 +1000
On Wed, 17 Feb 1999, Christofer C. Bell wrote:
I'd like to point out that mSQL by default (all versions) DO NOT have hosts based access control enabled. Note that when you start the msql2d process for the first time, you see this message:
This is _not_ correct. By default, mSQL is configured to run with Remote_Access disabled (via the msql.conf file or the internal default config settings). This implies that, by default, the mSQL server will not even create a TCP socket. Host based access control is only used if you modify the configuration and explicitly enable remote access to the server. The Remote_Access config option was added in the 2.0.4 release of mSQL back in May 1988. Bambi ... / / / David J. Hughes Bambi () Hughes com au /___/ ___ /__ ___ ___ Managing Director Hughes Technologies / / / / / / / / /__/ /__ Fax:+61 7 3302 2199 http://Hughes.com.au / / /__/ /__/ / / /__ ___/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ __/
Current thread:
- Re: mSQL vulnerability. David J. Hughes (Feb 18)