MuyComputerPRO listed in several exploits for authentication failure MySQL are spreading in various online channels, partly because this error is particularly easy to exploit to gain root access to the base data.
The only factor that reduces its danger is the fact that it depends on the C library that is implemented with MySQL. This “bypass” the password system has already assigned a code of vulnerability, CVE-2012-2122, and WIN allows an attacker gains access root to the database by repeat attempts to access to that account with an incorrect password.
The vulnerability has been detailed by the security coordinator MariaDB, a fork of MySQL, and is due to an error error in the casting call by comparing the expected password with the password entered.
quite a lot of distributions affected by the problem, Ubuntu, openSUSE and Fedora among them-and you have more details on this problem in the original story in MuyComputerPRO .
No related posts.