Description

The default configuration of MySQL 3.20.32 through 3.23.52, when running on Windows, does set the bind address to the loopback interface, which allows remote attackers to connect to the database.

Remediation

References

CVE-2002-1921

Related Vulnerabilities

Oracle JRE CVE-2013-2460 Vulnerability (CVE-2013-2460)

WordPress Plugin Advanced Custom Fields (ACF) PHP Object Injection (5.7.10)

WebLogic CVE-2020-14750 Vulnerability (CVE-2020-14750)

WordPress Plugin Email Subscribers by Icegram Express-Email Marketing, Newsletters, Automation for WordPress & WooCommerce Security Bypass (4.5.5)

WordPress Plugin Post SMTP-WP SMTP with Email Logs & Mobile App for Failure Alerts-Any SMTP Plus Gmail SMTP, Office 365, Brevo, Mailgun, Amazon SES, Postmark Security Bypass (2.8.7)

Severity

High

Classification

CVE-2002-1921

Tags

Missing Update Known Vulnerabilities