wiredmikey writes "The folks over at Rapid7 have released a new (free) tool that lets one scan an unlimited number of IP addresses for the MySQL Authentication Bypass vulnerability, which caused a great deal of concern when it was discovered back in June.
The tool will allow IT teams a quick and easy check to determine if their MySQL deployments are vulnerable. If they are, then all that’s needed is a patch. For the record, MySQL deployments that are older than 5.1.63, 5.5.24, or 5.6.6 are all vulnerable to the authentication bypass problem. The tool, available for Windows, can be downloaded here.
Even now, after the patches to this problem were delivered, some 90,000 systems are vulnerable to attack. This figure doesn’t include the number of potential vulnerable hosts that cannot be seen from the outside, but could be attacked from within later."
Link to Original Source