Resources Blog Simple Authentication Bypass For MySQL Root Revealed

Simple Authentication Bypass For MySQL Root Revealed

H Security – (International) Simple authentication bypass for MySQL root revealed. Exploits for a recently revealed MySQL authentication bypass flaw are now in the wild, partly because the flaw is simple to exploit to gain root access to the database, experts said. The only mitigating factor appears to be that it depends on the C library with which the MySQL database was built. The bypass, assigned the vulnerability ID CVE-2012-2122, allows an attacker to gain root access by repeatedly trying to login with an incorrect password. Each attempt has a 1 in 256 chance of being given access.

Source: http://www.h-online.com/security/news/item/Simple-authentication-bypass-for-MySQL-root-revealed-Update-1614990.html

Picture of Ali Loney

Written by Ali Loney

Ali Loney is a Senior UX Designer at Walmart Labs. She is based in Canada and was the former Graphic Designer at Sonatype.