MySQL Authentication Bypass Vulnerability

The researchers who discovered this vulnerability have developed working exploit code that is not publicly available or known to be circulating in the wild.

A proof of concept exploit has been provided by Eli Kara <elik@beyondsecurity.com>.

A diff file designed for patching the MySQL 5.0.0 alpha source has been provided by bambam@pineapple.shacknet.nu. Once patched, the malicious client will be able to authenticate to the vulnerable server by providing a valid username and no password.


 

Copyright 2010, SecurityFocus