MySQL is an open-source database produced by MySQL AB. MySQL AB provides binaries for the Windows platform which run out-of-the-box. However, the default configuration for these binaries leave MySQL wide open to attack in a number of ways: A null root password, a non-loopback-bound server, and no logging. Included in this advisory is source to demonstrate an attack using this information.
fe702c187a158be2974aa60ea624583d2e8944d1724d9566be580a09e054e03c