A .diff file, applied to the MySQL 5.0.0-alpha source distribution will allow building a MySQL client that can be used to connect to a remote MySQL server with no password.
576c8349f99ca721889a85397e1a11e6091d306a88102e339b9bede903f555e3
NGSSoftware Insight Security Research Advisory - By submitting a carefully crafted authentication packet, it is possible for an attacker to bypass password authentication in MySQL 4.1 and 5.0.
a8fa6517ad413933526176e4875bcf863d41ff0b026bf2cefc6c21b718e323e7