Description

MySQL before 3.23.31 allows users with a MySQL account to use the SHOW GRANTS command to obtain the encrypted administrator password from the mysql.user table and possibly gain privileges via password cracking.

Remediation

References

CVE-2001-1275

Related Vulnerabilities

WordPress Plugin World Travel Information Cross-Site Scripting (1.0.0)

WebLogic Uncontrolled Resource Consumption Vulnerability (CVE-2022-24839)

Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-0725)

WordPress Plugin Jetpack-WP Security, Backup, Speed, & Growth Cross-Site Scripting (3.9.1)

Apache HTTP Server Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2007-6420)

Severity

High

Classification

CVE-2001-1275

Tags

Missing Update Known Vulnerabilities