10 matches found
Linux Distros Unpatched Vulnerability : CVE-2012-5627
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 does not modify the salt during multiple executions of the changeuser...
MariaDB 10.0.0 < 10.0.1 Multiple Vulnerabilities
The version of MariaDB installed on the remote host is prior to 10.0.1. It is, therefore, affected by multiple vulnerabilities as referenced in the 10.0.1 advisory. - Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows local users t...
CVE-2012-5627 affecting package mysql for versions less than 8.0.24-1
CVE-2012-5627 affecting package mysql for versions less than 8.0.24-1. A patched version of the package is available...
CVE-2012-5627 affecting package mysql 8.0.29-1
CVE-2012-5627 affecting package mysql 8.0.29-1. A patched version of the package is available...
CVE-2012-5627
CVE-2012-5627 affects Oracle MySQL and MariaDB where the salt is not changed during multiple executions of the CHANGE_USER command within the same MySQL/MariaDB connection. This allows remote authenticated users to more easily brute-force passwords. Affected versions include MySQL/MariaDB: 5.5.x ...
Mandriva Linux Security Advisory : mariadb (MDVSA-2013:102)
Updated mariadb packages includes fixes for the following security vulnerabilities : Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote attackers to affect integrity and availability, related to MySQL Client CVE-2012-3147. Unspecified...
Security fix for the ALT Linux 8 package mariadb version April
April 1, 2013 Michael Shigorin 5.5.30-alt10 - New version - NB: 5.5.29 had important security fixes, including: + A buffer overflow that can cause a server crash or arbitrary code execution a variant of CVE-2012-5611 + CVE-2012-5627 fast password brute-forcing using the "change user" +...
MariaDB 5.2.0 < 5.2.14 Multiple Vulnerabilities
The version of MariaDB installed on the remote host is prior to 5.2.14. It is, therefore, affected by multiple vulnerabilities as referenced in the 5.2.14 advisory. - Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows local users t...
Oracle MySQL/MariaDB 不安全Salt生成安全绕过漏洞(CVE-2012-5627)
Bugtraq ID:56837 CVE ID:CVE-2012-5627 MySQL是一款开源关系型数据库管理系统。MariaDB是一个采用Maria存储引擎的MySQL分支版本。 MySQL处理密码salt值存在漏洞,当用户登录MySQL时,会生成Salt值用于防止密码猜测攻击。此salt值在会话开始时创建并用于整个会话,如果通过验证的攻击者使用MySQL "changeuser"命令尝试以其他用户登录,由于Salt已知,可导致密码猜测更有效率。 0 MySQL 5.5.19及其他版本 MariaDB 5.5.28a, 5.3.11, 5.2.13, 5.1.66 MariaDB...
CVE-2012-5627
creationtimestamp| type| source ---|---|--- 2012-12-06 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/38109 2026-06-08 02:37:18+00:00| seen| https://gist.github.com/GustavoLopreto/2028a93a87ebc86d6cb797b2b5907f4d...