Database errors - real life of security vendors too
December 29th, 2006 by Juha-Matti, Filed under: Web, Commentary, Corporate Security
When accessing the Exploit Research category of McAfee Avert Labs Blog you will see the following database error text:
WordPress database error: [Can’t create/write to file ‘G:\temp\#sql_d74_0.MYD’ (Errcode: 17)]
SELECT DISTINCT * FROM wp_posts LEFT JOIN wp_post2cat ON (wp_posts.ID = wp_post2cat.post_id) WHERE 1=1 AND (category_id = 9) AND post_date_gmt < = '2006-12-29 15:16:59' AND (post_status = "publish") AND post_status != "attachment" GROUP BY wp_posts.ID ORDER BY post_date DESC LIMIT 0, 999
Visiting the main page generates
“Not Found
Sorry, but you are looking for something that isn’t here.”
error, in turn.
Update #1720 UTC: It appears that they have fixed these problems.
-
Is your site safe from SQL Injection? Use Active Network Scanning to protect your network!
Subscribe
Subscribe
Looks like they fixed it. Currently looks fine.
Information disclosure in error messages…
Guess, which OS flavor runs behind the McAfee Avert Labs Blog and on which drive? OMG, I hate such error messages.
WordPress database error: [Can’t create/write to file ‘G:\temp\#sql_d74_0.MYD’ (Errcode: 17)] SELECT DISTINCT * …
The same problem exists there today.
“WordPress database error: [Can’t create/write to file ‘G:\temp\#sql_d74_0.MYD’ (Errcode: 17)]”
At 11:25UTC UTC
when visiting http://www.avertlabs.com/research/blog/?m=200701
The main page doesn’t show the content of the page as well.
Edited Feb 3rd: They have fixed the problems.
Try new LEXST database system, I’m sure you will never show these type of error codes.