CVE-2002-1375

The COMCHANGEUSER command in MySQL 3.x before 3.23.54, and 4.x to 4.0.6, allows remote attackers to execute arbitrary code via a long response...

CVE-2002-1374

The COMCHANGEUSER command in MySQL 3.x before 3.23.54, and 4.x before 4.0.6, allows remote attackers to gain privileges via a brute force attack using a one-character password, which causes MySQL to only compare the provided password against the first character of the real password...

MySQL 3.23.x4.0.x - COM_CHANGE_USER Password Length Account

MySQL 3.23.x4.0.x - COMCHANGEUSER Password Length Account / source: https://www.securityfocus.com/bid/6373/info A flaw in the password authentication mechanism for MySQL may make it possible for an authenticated database user to compromise the accounts of other database users. The flaw lies in th...

MySQL 3.23.x4.0.x - COM_CHANGE_USER Password Memory Corruption

MySQL 3.23.x4.0.x - COMCHANGEUSER Password Memory Corruption source: https://www.securityfocus.com/bid/6375/info MySQL is prone to a memory corruption vulnerability in the COMCHANGEUSER command. Due to a lack of sufficient bounds checking for client responses to password authentication challenges...