Lucene search

[email protected]CVE-2003-1480

HistoryDec 31, 2003 - 5:00 a.m.

CVE-2003-1480

2003-12-3105:00:00

CWE-310

[email protected]

web.nvd.nist.gov

mysql

cve-2003-1480

password hashing

security vulnerability

6.8 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.032 Low

EPSS

Percentile

91.2%

JSON

MySQL 3.20 through 4.1.0 uses a weak algorithm for hashed passwords, which makes it easier for attackers to decrypt the password via brute force methods.

CPENameOperatorVersion
mysql:mysqlmysqleq4.1.0
oracle:mysqloracle mysqleq3.20
oracle:mysqloracle mysqleq3.20.32a
oracle:mysqloracle mysqleq3.21
oracle:mysqloracle mysqleq3.22
oracle:mysqloracle mysqleq3.22.26
oracle:mysqloracle mysqleq3.22.27
oracle:mysqloracle mysqleq3.22.28
oracle:mysqloracle mysqleq3.22.29
oracle:mysqloracle mysqleq3.22.30

CPE	Name	Operator	Version
mysql:mysql	mysql	eq	4.1.0
oracle:mysql	oracle mysql	eq	3.20
oracle:mysql	oracle mysql	eq	3.20.32a
oracle:mysql	oracle mysql	eq	3.21
oracle:mysql	oracle mysql	eq	3.22
oracle:mysql	oracle mysql	eq	3.22.26
oracle:mysql	oracle mysql	eq	3.22.27
oracle:mysql	oracle mysql	eq	3.22.28
oracle:mysql	oracle mysql	eq	3.22.29
oracle:mysql	oracle mysql	eq	3.22.30

Rows per page:

1-10 of 651

References

secunia.com/advisories/8753

www.securiteam.com/tools/5WP031FA0U.html

www.securityfocus.com/bid/7500

6.8 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.032 Low

EPSS

Percentile

91.2%

JSON

Related for CVE-2003-1480

nessus1 openvas1 cvelist1