MySQL 3.20.32 - 3.23.52 Weak Default Configuration

The version of MySQL installed on the remote host is 3.20.32 to 3.23.52. On Windows, the default configuration used in these versions is weak : - The database server binds to all network interfaces and can be reached from outside. CVE-2002-1921 - Logging is disabled, attackers will not be detecte...

CVE-2002-1809

CVE-2002-1809 affects Windows binaries of MySQL 3.23.2–3.23.52 where the root password is NULL/blank by default. Public sources in the connected documents describe that the default configuration can permit remote attackers to gain unauthorized root access to the MySQL database (e.g., with default...