Worm hijacks open source database
News MySpool, which runs a file called spoolcll.exe, enters MySQL servers through a SQL injection vulnerability, copies itself to the directory: "%systemdrive%\appl\develop\mysql\data\" and gives itself a random eight-character file name.
[January 27, 2005, 16:40]
MySQL worm stopped
News More than 8,000 Windows computers running the MySQL database were probably infected with the worm, referred to as MySpooler or by the name of the executable file, SpoolCLL, that the worm installs on vulnerable machines.
[January 31, 2005, 8:15]
