A .diff file, applied to the MySQL 5.0.0-alpha source distribution will allow building a MySQL client that can be used to connect to a remote MySQL server with no password.
576c8349f99ca721889a85397e1a11e6091d306a88102e339b9bede903f555e3Secunia Security Advisory - SUSE has issued an update for MySQL. This fixes a security issue and multiple vulnerabilities, which can be exploited by malicious, local users to gain knowledge of sensitive information and manipulate certain data, by malicious users to gain knowledge of sensitive information, manipulate certain data, bypass certain security restrictions, and cause a DoS, and by malicious people to bypass certain security restrictions.
126be620f00bdbdbd91e3fad76a7f23ecc19469e794004a02fb50f4e9f2e5d91This exploits an insecure config found in Scrutinizer NetFlow & sFlow Analyzer. By default, the software installs a default password in MySQL, and binds the service to "0.0.0.0". This allows any remote user to login to MySQL, and then gain arbitrary remote code execution under the context of 'SYSTEM'. Examples of default credentials include: 'scrutinizer:admin', and 'scrutremote:admin'.
61e06a2fa99c7125dcd2af5faeafdcb8556b0880070d66206fa0180b420ee612Scrutinizer NetFlow and sFlow Analyzer versions 9.0.1 and below suffer from bypass, cross site scripting, and remote file upload vulnerabilities. It also has undocumented MySQL admin users.
5bbd69706e38d6f70c41925cdab4681651c0862b6cc58df5c29389f62daf07d3MySQL Squid Access Report version 2.1.4 suffers from an html injection vulnerability.
9ef08e7e97feb92f78a981eb4bf8bf5381847ef326753e6e48890bc57bb3df6eSymantec Web Gateway version 5.0.3.18 suffers from a remote blind SQL injection backdoor via MySQL triggers.
33d2c7451eea8c45146663fa6330e2747966d6816d1ce83431c543d2238e56fdSecunia Security Advisory - Multiple vulnerabilities have been reported in Oracle MySQL Server, which can be exploited by malicious users to cause a DoS (Denial of Service).
198c37146fbd23736a768971faacce1147dfc60bec0b2bd277e211dc9cabb4e8Secunia Security Advisory - SUSE has issued an update for mysql. This fixes a security issue, which can be exploited by malicious people to bypass certain security restrictions.
d0723f262928a87ffa2698dad8cb9cd9d38b0494622d1c6c0f037693f8a92355THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.
14805ba70f3f22beb00344db161a1a84d61059655f2be37dd02a5c5cceae306dRed Hat Security Advisory 2012-0874-04 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. A flaw was found in the way MySQL processed HANDLER READ NEXT statements after deleting a record. A remote, authenticated attacker could use this flaw to provide such requests, causing mysqld to crash. This issue only caused a temporary denial of service, as mysqld was automatically restarted after the crash.
c904aa49ee275a7324719d9a49d8bd3bde0b8e4215addcf47543da60e79f474fSecunia Security Advisory - Red Hat has issued an update for mysql. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service).
6a73883ca2f2183be4e6a1725ba132f4e2463077626386f0e045d19403127311Secunia Security Advisory - Debian has issued an update for mysql-5.1. This fixes a security issue and multiple vulnerabilities, which can be exploited by malicious users to bypass certain security restrictions and cause a DoS (Denial of Service).
59a913dc8bff9f3bc775b57d2c3ac9ad144456fe23dc974d6cf386c1dd35278eDebian Linux Security Advisory 2496-1 - Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to a new upstream version, 5.1.63, which includes additional changes, such as performance improvements and corrections for data loss defects.
eeffa758dc44f2f16c05876571d07e28555ef3fe9f2e29262843debe172cee70Secunia Security Advisory - Ubuntu has issued an update for mysql. This fixes a security issue, which can be exploited by malicious people to bypass certain security restrictions.
dfecbeb307f0e35fde03c31e9864225ce6741cdd0d8e671b138e005f4a01d0b1MySQL remote root authentication bypass exploit.
fa8a07437a078edcac9f7f432c70a04cd4fc7c1f42f36d254d4fa9efe0c46b18Secunia Security Advisory - A security issue and vulnerability have been reported in MySQL, which can be exploited by malicious people to bypass certain security restrictions.
979a429192f4205c479f8c64ec81fb8511d61327f3d38c7a162b14be124da2a8Ubuntu Security Notice 1467-1 - It was discovered that certain builds of MySQL incorrectly handled password authentication on certain platforms. A remote attacker could use this issue to authenticate with an arbitrary password and establish a connection. MySQL has been updated to 5.5.24 in Ubuntu 12.04 LTS. Ubuntu 10.04 LTS, Ubuntu 11.04 and Ubuntu 11.10 have been updated to MySQL 5.1.63. A patch to fix the issue was backported to the version of MySQL in Ubuntu 8.04 LTS. Various other issues were also addressed.
52928dd0c621971574807252ccbdfb1af768836701965a6ed9bfbf0a6c13a411vBulletin version 4.1.12 suffers from a MySQL information disclosure vulnerability.
7179a11916ac4740505cb246fc17137a5f1743347b7f111d00161bdb3083a05eAccess Road is a universal simulator of access controls that is intended to improve design and auditing of IT security. It provides simulations of GNU/Linux (components and rights on the file system), MySQL Server (components and privileges), and a generic Role-Based-Access-Control application. It is designed for database, system, and application administrators, IT architects and developers, and auditors. Reliability and the ability to explain the results are the main objectives. A 50 page tutorial is provided, and a powerful framework allows new simulations to be added.
66fb5636308651b4c30914ee68b3d1dd0bb8281f93ba0f3b8d86229d271ee731Access Road is a universal simulator of access controls that is intended to improve design and auditing of IT security. It provides simulations of GNU/Linux (components and rights on the file system), MySQL Server (components and privileges), and a generic Role-Based-Access-Control application. It is designed for database, system, and application administrators, IT architects and developers, and auditors. Reliability and the ability to explain the results are the main objectives. A 50 page tutorial is provided, and a powerful framework allows new simulations to be added. This is the source release.
4887943b5dfe0cd8a8727842cf0bd736b62983162e36e137d3fa1390c6741a9bIntercepter is a sniffer that offers various capabilities including sniffing for password hashes related to ICQ/IRC/AIM/FTP/IMAP/POP3/SMTP/LDAP/BNC/SOCKS/HTTP/WWW/NNTP/CVS/TELNET/MRA/DC++/VNC/MYSQL and ORACLE. It also sniffs ICQ/AIM/JABBER/YAHOO/MSN/GADU-GADU/IRC and MRA protocols. It has a built-in arp poisoning module, can change MAC addresses of LAN adapters, and has various other interesting functionality.
ad968798c1c3dc2e811d17b3502b2237418f4680838c912b55636ed2b18b1027Intercepter-NG [Console Edition] is a sniffer that offers various capabilities including sniffing for password hashes related to ORACLE/MYSQL/VNC/NNTP/CVS/WWW/HTTP/SOCKS/MRA/FTP/POP3/SMTP/IMAP/LDAP/AIM. It works on NT/Linux/BSD/IOS/Android and is optimized for screen size 80x30 or higher.
5f7266338e53e4318d99d392ca8aa81bda985a3b34aa8b12b8fdf6fc55f2f586Secunia Security Advisory - SUSE has issued an update for mysql-cluster. This fixes multiple vulnerabilities, which can be exploited by malicious users to gain escalated privileges and cause a DoS (Denial of Service).
d4063e5350cbf36d1968292918687f5316e477350b0f0f5b80870c06b3874374Secunia Security Advisory - SUSE has issued an update for mysql-community-server. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to gain knowledge of sensitive information and manipulate certain data, by malicious users to gain knowledge of sensitive information, manipulate certain data, and cause a DoS (Denial of Service), and by malicious people to cause a DoS.
0055f616a3aed5bce4f5f0ee3a740160df8eceaf72d2acba58968479b315fb38This is a simple python script for cracking MySQL MD5 passwords.
2eabc6d50aa0308a12f9f621132d81ab8133f46b0854377425c4d9b0bac9f450SHA-1 MySQL database brute forcing utility. Written in Python.
0068129733662bae54b4b7a0b553891a45edd277617355e6aec8c7aae793b8ad
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed