The security application is available for download here

Sep 21, 2012 14:07 GMT  ·  By

In June, we learned of a MySQL vulnerability - CVE-2012-2122 - which allowed an attacker to easily access servers. Now, Rapid 7 has released a free tool called ScanNow, which scans networks in search for this particular security hole.

At the time, researchers demonstrated that an attacker could bypass the authentication on systems that didn’t enforce host-based access controls (ACL) and run a flawed version of the operating system (OS).

Experts have found that there are numerous MySQL servers on the Web that don’t enforce ACLs and still run on unpatched systems. 8,000 exposed devices have been detected, and that’s for only one of the five affected OSs.

Administrators who want to check if they’re among the potential victims of such cybercriminal operations, can perform a quick scan with ScanNow and find out which one of their machines are vulnerable.

All they need to do is enter the network’s range and the app does the rest.

Rapid 7’s ScanNow is available for download here.