Ravens PHP Scripts

PHP-Nuke Bug - SQL Injection
Date: Sunday, April 10, 2005 @ 23:31:22 CDT
Topic: Security


Read this post for details. NukeSentinel™ is named as not stopping this attack when it absolutely does, 100% of the time, if you have the Union blocker on. I have replied to the thread as follows:

[snip]Of course, mysql version 4.x must be used with enabled union functionality. And if there are Sentinel or similar protection systems installed, additional measures must be used to evade them.[/snip]

You are mistaken. If NukeSentinel is installed and active, it blocks them 100% of the time. This exploit is nothing more than a variation on a theme. It's another in a long line of UNION exploits which NukeSentinel has been blocking since day one.




There are actually 2 more "new" exploits listed - All pertaining to nuke 7.6:
http://www.securityfocus.com/bid/13061
http://www.securityfocus.com/bid/13055

If you have Chatserv's patches installed and NukeSentinel™ - Sleep well tonight!



This article comes from Ravens PHP Scripts
https://www.ravenphpscripts.com

The URL for this story is:
https://www.ravenphpscripts.com/modules.php?name=News&file=article&sid=1035