Mysql 5.0.12 Exploit -

And for the penetration testers: Add the UDF exploit to your checklist. You will be surprised how often it still opens the door.

A PoC exploit has been publicly disclosed, demonstrating the feasibility of the attack. The exploit involves crafting a malicious COM_CHANGE_USER packet and sending it to the MySQL server. A successful exploitation can lead to the execution of arbitrary code on the server. mysql 5.0.12 exploit