Description

The default configuration of MySQL 3.20.32 through 3.23.52, when running on Windows, does set the bind address to the loopback interface, which allows remote attackers to connect to the database.

Remediation

References

CVE-2002-1921

Related Vulnerabilities

Python Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2024-9287)

WordPress Plugin CloudFlare Multiple Cross-Site Scripting Vulnerabilities (1.3.20)

GeoServer CVE-2023-35042 Vulnerability (CVE-2023-35042)

TYPO3 Improper Input Validation Vulnerability (CVE-2014-9509)

Zenphoto Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-4906)

Severity

High

Classification

CVE-2002-1921

Tags

Missing Update Known Vulnerabilities