Vulnerabilities

CVE-2012-5627

by Fred · 01/10/2013

Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 does not modify the salt during multiple executions of the change_user command within the same connection which makes it easier for remote authenticated users to conduct brute force password guessing attacks.

Date published : 2013-10-01

https://mariadb.atlassian.net/browse/MDEV-3915

http://seclists.org/fulldisclosure/2012/Dec/58

Similar

Tags: Cybersecurity Alert