Lucene search
HistoryDec 06, 2004 - 5:00 a.m.
CVE-2004-0627
mysql
vulnerability
authentication bypass
cve-2004-0627
nvd
6.6 Medium
AI Score
Confidence
Low
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.893 High
EPSS
Percentile
98.7%
The check_scramble_323 function in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to bypass authentication via a zero-length scrambled string.
| CPE | Name | Operator | Version |
|---|---|---|---|
| mysql:mysql | mysql | eq | 4.1.0 |
Related
checkpoint_advisories
checkpoint_advisories
MySQL Malformed Password Authentication - Ver2 (CVE-2004-0627)
2015-05-18 00:00:00
MySQL Malformed Password Authentication (CVE-2004-0627)
2009-12-23 00:00:00
Security Best Practice: Protection against Multiple MySQL Vulnerabilities
2006-05-21 00:00:00
canvas
canvas
Immunity Canvas: MYSQL_AUTH_BYPASS
2004-12-06 05:00:00
cert
cert
nessus
nessus
MySQL Zero-length Scrambled String Crafted Packet Authentication Bypass
2011-01-07 00:00:00
MySQL 4.1 < 4.1.3 Multiple Vulnerabilities
2011-01-07 00:00:00
freebsd
freebsd
MySQL authentication bypass / buffer overflow
2004-07-01 00:00:00
openvas
openvas
FreeBSD Ports: mysql-server
2008-09-04 00:00:00
FreeBSD Ports: mysql-server
2008-09-04 00:00:00
6.6 Medium
AI Score
Confidence
Low
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.893 High
EPSS
Percentile
98.7%
Related for CVE-2004-0627