Описание
Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 does not modify the salt during multiple executions of the change_user command within the same connection which makes it easier for remote authenticated users to conduct brute force password guessing attacks.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [5.5.36-1]] |
| lucid | DNE | |
| precise | DNE | |
| trusty | not-affected | 5.5.36-1 |
| trusty/esm | DNE | trusty was not-affected [5.5.36-1] |
| upstream | released | 5.5.29 |
| utopic | not-affected | 5.5.36-1 |
| vivid | DNE | |
| vivid/stable-phone-overlay | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | ignored | |
| hardy | DNE | |
| lucid | DNE | |
| oneiric | DNE | |
| precise | ignored | |
| quantal | ignored | end of life |
| raring | ignored | end of life |
| saucy | ignored | end of life |
| trusty | ignored |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was ignored] |
| lucid | DNE | |
| precise | DNE | |
| trusty | ignored | |
| trusty/esm | DNE | trusty was ignored |
| upstream | needs-triage | |
| utopic | ignored | end of life |
| vivid | ignored | end of life |
| vivid/stable-phone-overlay | DNE |
Показывать по
EPSS
4 Medium
CVSS2
Связанные уязвимости
Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 does not modify the salt during multiple executions of the change_user command within the same connection which makes it easier for remote authenticated users to conduct brute force password guessing attacks.
Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 does not modify the salt during multiple executions of the change_user command within the same connection which makes it easier for remote authenticated users to conduct brute force password guessing attacks.
Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and ...
Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 does not modify the salt during multiple executions of the change_user command within the same connection which makes it easier for remote authenticated users to conduct brute force password guessing attacks.
EPSS
4 Medium
CVSS2