CVE-2012-2122 in action on Ubuntu

Nick antono

Description

CVE-2012-2122 in action on Ubuntu 12.04 LTS

Read Also

http://permalink.gmane.org/...

Statistics

3562 views by Anonymous and 9 views by registered users

Tags

Extra Info

Toggle

Uname

Linux libero 3.2.0-24-generic #39-Ubuntu SMP Mon May 21 16:52:17 UTC 2012 x86_64 x86_64 x86_64 GNU/Linux

Desktop

GNOME

Term

xterm-256color

Shell

/bin/bash

Size

80x22

antono

Quick fix for this issue may be apt-get install fail2ban and enable mysql rule...

Or something like this in your firewall:

iptables -A INPUT -i eth0 -p tcp --dport 3306 -m state --state NEW -m recent --set --name SSH
iptables -A INPUT -i eth0 -p tcp --dport 3306 -m state --state NEW -m recent --update --seconds 60 --hitcount 8 --rttl --name SSH -j DROP
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

Marco Ceppi

Patches for this just landed in Ubuntu. Running an upgrade will resolve this :)

sudo apt-get update
sudo apt-get upgrade

antono

Good to know.

antono

mysql port open to Internets is always bad idea.

CVE-2012-2122 in action on Ubuntu - 80x22

Please login to post comments.

Login in less than 10 seconds