Lucene search
K

4 matches found

Tenable Nessus
Tenable Nessus
added 2011/01/07 12:0 a.m.263 views

MySQL Zero-length Scrambled String Crafted Packet Authentication Bypass

A bug in the version of MySQL running on the remote host allows a remote attacker to bypass the password authentication mechanism using a specially crafted packet with a zero-length scramble buff string. An attacker with knowledge of an existing account defined to the affected service can leverag...

10CVSS5.6AI score0.69647EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2008/09/04 12:0 a.m.24 views

FreeBSD Ports: mysql-server

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

10CVSS7AI score0.69647EPSS
Exploits1References5
canvas
canvas
added 2004/12/06 5:0 a.m.49 views

Immunity Canvas: MYSQL_AUTH_BYPASS

Name| mysqlauthbypass ---|--- CVE| CVE-2004-0627 Exploit Pack| CANVAS Description| MySQL authentication bypass Notes| CVE Name: CVE-2004-0627 OSVDB: http://www.osvdb.org/displayvuln.php?osvdbid=7475 Notes: Mysql authentication can be bypass by a special crafted password with zeroed-strings...

10CVSS6.7AI score0.69647EPSS
Exploits1
CVE
CVE
added 2004/07/08 4:0 a.m.86 views

CVE-2004-0627

CVE-2004-0627 affects MySQL 4.1.x (before 4.1.3) and 5.0. A vulnerability in the check_scramble_323 function allows a remote attacker to bypass authentication by sending a zero-length scrambled string, enabling login to a valid account. The issue is exploitable over the network and is documented ...

10CVSS6.5AI score0.69647EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder