DigitalOcean using same common password for 1-Clicks running MySQL

by admin

Tuesday, September 19th, 2017 at 3:31 am

Have fun scanning before DigitialOcean releases their public notice:
1-Click users potentially remotely exploitable unless they have changed the debian-sys-maint password {MySQL, PHPMyAdmin,LAMP, LEMP, WordPress, OwnCloud}
In the MySQL Debian/Ubuntu packaging, there is an additional MySQL user being created: debian-sys-maint.
Any Droplet created from this common image shares the same password for the MySQL debian-sys-maint user.
Affected Versions:
Ubuntu 14.04
Ubuntu 16.04
Ubuntu 17.10
Debian 7
Debian 8
Not Affected:
Debian 9
IP: Loading... - Host: Loading...
IP Geolocation: unknown.

We love our country, but fear our government.

https://iait-institute.org/
https://www.nintendo-nation.net/
https://wartabogor.com/
https://www.crstudent.com/
https://www.nusoundonline.com/
https://quernsmansionacafejy.com/
https://caminaresmedicina.com/
https://www.americasgreatestbrands.com/
https://www.bng-tech.com/en/
https://hoteldesetrangers.com.tr/canakkale/
https://www.5tips.co/freebies/
https://chicago43rd.org/
https://o.dijitalnesilakademisi.com/
https://cos.coop.py/creditos/
https://cakirgaraj.com/fiyat-listesi/
https://cakirogluikinciel.com/iletisim/
https://timetotimecourierservice.com/services.html
https://www.broadcastbuyer.tv/
https://vinadegracia.org/nosotros/