MySQL Null Root Password Weak Default Configuration Vulnerability

MySQL Null Root Password Weak Default Configuration Vulnerability

Solution:
Administrators should either disable the default account, or supply a strong password. The following SQL command is supplied by Mike Bommarito <g0thm0g@attbi.com>:

DELETE FROM mysql.user;
GRANT ALL PRIVILEGES ON *.* TO user@localhost
IDENTIFIED BY 'password' WITH GRANT OPTION;

Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.