Vulnerabilities > CVE-2000-0148 - Unspecified vulnerability in Oracle Mysql

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

nessus

NVD

Published: 2000-02-08

Updated: 2019-10-07

Summary

MySQL 3.22 allows remote attackers to bypass password authentication and access a database via a short check string.

Part	Description	Count
Application	Oracle Oracle Mysql 3.22.26 Oracle Mysql 3.22.27 Oracle Mysql 3.22.29 Oracle Mysql 3.22.30 Oracle Mysql 3.23.8 Oracle Mysql 3.23.9 Oracle Mysql 3.23.10	7

NASL family	Databases
NASL id	MYSQL_BAD_PASSWORD.NASL
description	The remote version of MySQL is older than (or as old as) version 3.22.30 or 3.23.10. Thus, it may allow attacker who knows a valid username to access database tables without a valid password.
last seen	2020-06-01
modified	2020-06-02
plugin id	10343
published	2000-03-08
reporter	This script is Copyright (C) 2000-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/10343
title	MySQL Short Check String Authentication Bypass