MySQL Authentication Bypass Through A Zero-length Password Network Vulnerability

Summary

It is possible to bypass password authentication for a database user using a crafted authentication packet with a zero-length password Note: In order to use this script, the MySQL daemon has to allow connection from the scanning IP address

Severity

Classification

CVSS Base Score: 0.0
AV:N/AC:L/Au:N/C:N/I:N/A:N

Related Vulnerabilities

OpenOffice senddoc Insecure Temporary File Creation Vulnerability (Linux)
Samba Symlink Directory Traversal Vulnerability
IMAP arbitrary file retrieval
Subversion Module File Restriction Bypass
LDAPsearch

MySQL Authentication bypass through a zero-length password

Take action and discover your vulnerabilities