Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1275

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2001-1275
Last Modified 07 Mar 2011 09:07:05
Published 19 Jan 2001 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2001-1275

Summary

MySQL before 3.23.31 allows users with a MySQL account to use the SHOW GRANTS command to obtain the encrypted administrator password from the mysql.user table and possibly gain privileges via password cracking.

Vulnerable Systems

Application

  • Mysql 3.23.31


References

REDHAT - RHSA-2001:003

MANDRAKE - MDKSA-2001:014

CALDERA - CSSA-2001-006.0

FREEBSD - FreeBSD-SA-01:16


Last Updated: 27 May 2016 10:36:36