MySQL Database Engine Weak Authentication Information Disclosure

2000-10-23T00:00:00
ID OSVDB:6716
Type osvdb
Reporter OSVDB
Modified 2000-10-23T00:00:00

Description

Vulnerability Description

MySQL contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when an attacker monitors traffic of users authenticated using a weak algorithm occurs, which will disclose password information resulting in a loss of confidentiality.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

MySQL contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when an attacker monitors traffic of users authenticated using a weak algorithm occurs, which will disclose password information resulting in a loss of confidentiality.

References:

Vendor URL: http://www.mysql.com/ Other Advisory URL: http://www1.corest.com/common/showdoc.php?idx=125&idxseccion=10 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2000-10/0318.html Keyword: CORE-20001023 ISS X-Force ID: 5409 CVE-2000-0981 Bugtraq ID: 1826