[CentOS] C5 MySQL injection attack ("Union Select")
Always Learning
centos at u64.u22.net
Thu Mar 24 17:18:01 UTC 2016
On Thu, 2016-03-24 at 09:40 -0700, Gordon Messmer wrote:
> Just to be clear: you absolutely should upgrade to a currently
> maintained version of MySQL.
Agreed. Its going to be rainy in England this Easter weekend, so am
contemplating upgrading the last production C5 to C6.
> However, upgrading will not protect you from SQL injection attacks.
> The probes you're seeing aren't targeting the SQL server. They're
> targeting your php code.
Have already upgraded my PHP routine which blocks IP addresses when GET
data exceeds its acceptable field size.
--
Regards,
Paul.
England, EU. England's place is in the European Union.
More information about the CentOS
mailing list