SANS Internet Storm Center has a look at a recent incident in which a Web server was compromised through the use of a remote Web application flaw. The attack might have stopped there, but a series of cascading failures led to further problems and damage. Ransomware actors behind the attack have breached at least 85,000 MySQL servers, and are currently selling at least compromised 250,000 databases. A path traversal vulnerability in the iDRAC technology can allow remote attackers to take over control of server operations.
Source: https://threatpost.com/anatomy-server-compromise-031309/72425/