Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.103492
Category:Databases
Title:MySQL / MariaDB Authentication Bypass
Summary:MySQL and MariaDB is prone to an Authentication Bypass.
Description:Summary:
MySQL and MariaDB is prone to an Authentication Bypass.

Vulnerability Impact:
Successful exploitation will yield unauthorized access to the database.

Affected Software/OS:
All MariaDB and MySQL versions up to 5.1.61, 5.2.11, 5.3.5, 5.5.23 are
vulnerable.

Solution:
Update to:

- MariaDB version 5.1.62, 5.2.12, 5.3.6, 5.5.23 or later

- MySQL version 5.1.63, 5.5.24, 5.6.6 or later.

CVSS Score:
5.1

CVSS Vector:
AV:N/AC:H/Au:N/C:P/I:P/A:P

Cross-Ref: BugTraq ID: 53911
Common Vulnerability Exposure (CVE) ID: CVE-2012-2122
http://www.securityfocus.com/bid/53911
http://www.exploit-db.com/exploits/19092
http://security.gentoo.org/glsa/glsa-201308-06.xml
http://bugs.mysql.com/bug.php?id=64884
https://community.rapid7.com/community/metasploit/blog/2012/06/11/cve-2012-2122-a-tragically-comedic-security-flaw-in-mysql
http://seclists.org/oss-sec/2012/q2/493
http://securitytracker.com/id?1027143
http://secunia.com/advisories/49417
http://secunia.com/advisories/53372
SuSE Security Announcement: SUSE-SU-2012:0984 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00007.html
CopyrightCopyright (C) 2012 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.