Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1809

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-1809
Last Modified 05 Sep 2008 04:31:34
Published 31 Dec 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-1809

Summary

The default configuration of the Windows binary release of MySQL 3.23.2 through 3.23.52 has a NULL root password, which could allow remote attackers to gain unauthorized root access to the MySQL database.

Vulnerable Systems

Application

  • Mysql 3.23.10

  • Mysql 3.23.2

  • Mysql 3.23.23

  • Mysql 3.23.24

  • Mysql 3.23.25

  • Mysql 3.23.26

  • Mysql 3.23.27

  • Mysql 3.23.28

  • Mysql 3.23.29

  • Mysql 3.23.3

  • Mysql 3.23.30

  • Mysql 3.23.31

  • Mysql 3.23.34

  • Mysql 3.23.36

  • Mysql 3.23.37

  • Mysql 3.23.38

  • Mysql 3.23.39

  • Mysql 3.23.4

  • Mysql 3.23.40

  • Mysql 3.23.41

  • Mysql 3.23.42

  • Mysql 3.23.43

  • Mysql 3.23.44

  • Mysql 3.23.45

  • Mysql 3.23.46

  • Mysql 3.23.47

  • Mysql 3.23.48

  • Mysql 3.23.49

  • Mysql 3.23.5

  • Mysql 3.23.50

  • Mysql 3.23.51

  • Mysql 3.23.52

  • Mysql 3.23.8

  • Mysql 3.23.9


References

BID - 5503

XF - mysql-default-root-access(9902)

BUGTRAQ - 20020818 Weak MySQL Default Configuration on Windows


Last Updated: 27 May 2016 10:37:30