Mysql 5.0.12 Exploit -

Support for modern TLS/SSL standards is either non-existent or broken. Publicly Available PoCs:

And somewhere, in a datacenter that no longer exists, a Windows Server 2003 box still sits powered off, its last log entry frozen in time: mysql 5.0.12 exploit

Once the library is placed on the disk, the attacker registers the function within the MySQL server context: Support for modern TLS/SSL standards is either non-existent

If an application uses WHERE id = '$id' , the attacker sends: $id = 1234\xbf' OR '1'='1 The server sees: WHERE id = '1234\xbf\' OR \'1\'=\'1' mysql 5.0.12 exploit

Example: CREATE FUNCTION exec_shell RETURNS INTEGER SONAME 'malicious_lib.so';