Vulnerabilities > CVE-2002-1923 - Unspecified vulnerability in Oracle Mysql

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
oracle
nessus
NVD
Published: 2002-12-31
Updated: 2019-10-07

Summary

The default configuration in MySQL 3.20.32 through 3.23.52, when running on Windows, does not have logging enabled, which could allow remote attackers to conduct activities without detection.

Vulnerable Configurations

Part Description Count
Application
Oracle
42

Nessus

NASL familyDatabases
NASL idMYSQL_3_WEAK_DEFAULT_CONFIG.NASL
descriptionThe version of MySQL installed on the remote host is 3.20.32 to 3.23.52. On Windows, the default configuration used in these versions is weak : - The database server binds to all network interfaces and can be reached from outside. (CVE-2002-1921) - Logging is disabled, attackers will not be detected. (CVE-2002-1923) - root
last seen2020-06-01
modified2020-06-02
plugin id17821
published2012-01-18
reporterThis script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
sourcehttps://www.tenable.com/plugins/nessus/17821
titleMySQL 3.20.32 - 3.23.52 Weak Default Configuration
code
#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(17821);
  script_version("1.8");
  script_cvs_date("Date: 2018/11/15 20:50:21");

  script_cve_id(
    "CVE-2002-1809",
    "CVE-2002-1921",
    "CVE-2002-1923"
  );
  script_bugtraq_id(
    5503,
    5511,
    5513
  );

  script_name(english:"MySQL 3.20.32 - 3.23.52 Weak Default Configuration");
  script_summary(english:"Checks the version of MySQL Server.");

  script_set_attribute(attribute:"synopsis", value:
"The default configuration of the remote database server may be
weak.");
  script_set_attribute(attribute:"description", value:
"The version of MySQL installed on the remote host is 3.20.32 to
3.23.52. On Windows, the default configuration used in these versions
is weak :

  - The database server binds to all network interfaces and 
    can be reached from outside. (CVE-2002-1921)

  - Logging is disabled, attackers will not be detected. 
    (CVE-2002-1923)

  - root's password is blank. (CVE-2002-1809)");
  script_set_attribute(attribute:"see_also", value:"https://seclists.org/bugtraq/2002/Aug/281");
  script_set_attribute(attribute:"solution", value:
"Edit the configuration file and add this line if needed :

bind-address=127.0.0.1");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No exploit is required");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2002/10/01");
  script_set_attribute(attribute:"plugin_publication_date", value:"2012/01/18");

  script_set_attribute(attribute:"potential_vulnerability", value:"true");
  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:mysql:mysql");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Databases");

  script_copyright(english:"This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("mysql_version.nasl", "mysql_login.nasl", "os_fingerprint.nasl");
  script_require_keys("Settings/ParanoidReport");
  script_require_ports("Services/mysql", 3306);

  exit(0);
}

include("mysql_version.inc");

mysql_check_version(fixed:'3.23.53', min: '3.20.32', severity:SECURITY_HOLE);

References