MySQL.Authentication.Bypass
Description
This vulnerability affects MySQL. A remote attacker can use a carefully crafted authentication packet to completely bypass password authentication. The check_scramble_323() function in MySQL allows remote attackers to bypass authentication with a zero-length password.
Affected Products
MySQL 4.1.x before 4.1.3, and 5.0.
Impact
Full access to the database.
Recommended Actions
Update to MySQL version 5.1 or newer.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |