The host is running MySQL and is prone to user enumeration vulnerability.
Successful exploitation allows attackers to obtain valid usernames, which may aid them in brute-force password cracking or other attacks. Impact Level: Application
For Maria DB upgrade to 5.5.29, 5.3.12, 5.2.14 or later. For updates refer to https://mariadb.org/ For MySQL apply the updates from vendor, http://www.mysql.com/
Mysql server will respond with a different message than Access Denied, when attacker authenticates using an incorrect password with the old authentication mechanism mysql 4.x and below to a mysql 5.x server.
MySQL version 5.5.19 and possibly other versions MariaDB 5.5.28a, 5.3.11, 5.2.13, 5.1.66 and possibly other versions
Updated on 2015-03-25
- MongoDB nativeHelper Denial of Service Vulnerability
- IBM DB2 Multiple Security Bypass Vulnerabilities
- Oracle MySQL Multiple Unspecified vulnerabilities - 01 May14 (Windows)
- Oracle MySQL Multiple Unspecified vulnerabilities - 03 May14 (Windows)
- Oracle MySQL Multiple Unspecified vulnerabilities - 05 Jan14 (Windows)