BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
MySQL Anonymous Login Handshake - Information Leakage. May 02 2006 01:40PM
Stefano Di Paola (stefano dipaola wisec it)
~.oOOo. Anonymous Login Handshake .oOOo.~
=========================================

MySQL Server (<= 4.1.18, 5.0.20 ) has an information
leakage in the way mysql parses login packets on anonymous
users (blank password).

Author: Stefano Di Paola
Vulnerable: Mysql <= 4.1.18, 5.0.20
Type of Vuln...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus