Vulnerabilities > CVE-2002-1923 - Unspecified vulnerability in Oracle Mysql
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
The default configuration in MySQL 3.20.32 through 3.23.52, when running on Windows, does not have logging enabled, which could allow remote attackers to conduct activities without detection.
Vulnerable Configurations
Nessus
NASL family | Databases |
NASL id | MYSQL_3_WEAK_DEFAULT_CONFIG.NASL |
description | The version of MySQL installed on the remote host is 3.20.32 to 3.23.52. On Windows, the default configuration used in these versions is weak : - The database server binds to all network interfaces and can be reached from outside. (CVE-2002-1921) - Logging is disabled, attackers will not be detected. (CVE-2002-1923) - root |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 17821 |
published | 2012-01-18 |
reporter | This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/17821 |
title | MySQL 3.20.32 - 3.23.52 Weak Default Configuration |
code |
|