Oracle MySQL Server Username Enumeration Weakness

Oracle MySQL Server is prone to a username-enumeration weakness because it responds differently to login attempts, depending on whether or not the username exists.

Attackers may exploit this weakness to discern valid usernames, which may aid them in brute-force password cracking or other attacks.


Privacy Statement
Copyright 2010, SecurityFocus