Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1451

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2006-1451
Last Modified 07 Mar 2011 09:33:07
Published 12 May 2006 05:02:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2006-1451

Summary

MySQL Manager in Apple Mac OS X 10.3.9 and 10.4.6, when setting up a new MySQL database server, does not use the "New MySQL root password" that is provided, which causes the MySQL root password to be blank and allows local users to gain full privileges to that database.

Vulnerable Systems

Operating System

  • Apple Mac Os X 10.3.9

  • Apple Mac Os X 10.4.6


References

CERT - TA06-132A

APPLE - APPLE-SA-2006-05-11

VUPEN - ADV-2006-1779

XF - macos-mysql-manager-blank-password(26420)

BID - 17951

OSVDB - 25595

SECTRACK - 1016077

SECUNIA - 20077

Related Patches

Apple 2006-05-11 Security Update 2006-003 (10.4.6 Server)


Last Updated: 27 May 2016 10:42:03