CVE-2012-5627

MEDIUM

Description

Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 does not modify the salt during multiple executions of the change_user command within the same connection which makes it easier for remote authenticated users to conduct brute force password guessing attacks.

References

http://seclists.org/fulldisclosure/2012/Dec/58

http://seclists.org/fulldisclosure/2012/Dec/83

http://seclists.org/oss-sec/2012/q4/424

http://secunia.com/advisories/53372

http://security.gentoo.org/glsa/glsa-201308-06.xml

http://www.mandriva.com/security/advisories?name=MDVSA-2013:102

https://bugzilla.redhat.com/show_bug.cgi?id=883719

https://mariadb.atlassian.net/browse/MDEV-3915

Details

Source: MITRE

Published: 2013-10-01

Updated: 2017-08-03

Type: CWE-255

Risk Information

CVSS v2.0

Base Score: 4

Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 8

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:a:mariadb:mariadb:5.2.0:*:*:*:*:*:*:*

cpe:2.3:a:mariadb:mariadb:5.2.1:*:*:*:*:*:*:*

cpe:2.3:a:mariadb:mariadb:5.2.2:*:*:*:*:*:*:*

cpe:2.3:a:mariadb:mariadb:5.2.3:*:*:*:*:*:*:*

cpe:2.3:a:mariadb:mariadb:5.2.4:*:*:*:*:*:*:*

cpe:2.3:a:mariadb:mariadb:5.2.5:*:*:*:*:*:*:*

cpe:2.3:a:mariadb:mariadb:5.2.6:*:*:*:*:*:*:*

cpe:2.3:a:mariadb:mariadb:5.2.7:*:*:*:*:*:*:*

cpe:2.3:a:mariadb:mariadb:5.2.8:*:*:*:*:*:*:*

cpe:2.3:a:mariadb:mariadb:5.2.9:*:*:*:*:*:*:*

cpe:2.3:a:mariadb:mariadb:5.2.10:*:*:*:*:*:*:*

cpe:2.3:a:mariadb:mariadb:5.2.11:*:*:*:*:*:*:*

cpe:2.3:a:mariadb:mariadb:5.2.12:*:*:*:*:*:*:*

cpe:2.3:a:mariadb:mariadb:5.2.13:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:a:mariadb:mariadb:5.3.0:*:*:*:*:*:*:*

cpe:2.3:a:mariadb:mariadb:5.3.1:*:*:*:*:*:*:*

cpe:2.3:a:mariadb:mariadb:5.3.2:*:*:*:*:*:*:*

cpe:2.3:a:mariadb:mariadb:5.3.3:*:*:*:*:*:*:*

cpe:2.3:a:mariadb:mariadb:5.3.4:*:*:*:*:*:*:*

cpe:2.3:a:mariadb:mariadb:5.3.5:*:*:*:*:*:*:*

cpe:2.3:a:mariadb:mariadb:5.3.6:*:*:*:*:*:*:*

cpe:2.3:a:mariadb:mariadb:5.3.7:*:*:*:*:*:*:*

cpe:2.3:a:mariadb:mariadb:5.3.8:*:*:*:*:*:*:*

cpe:2.3:a:mariadb:mariadb:5.3.9:*:*:*:*:*:*:*

cpe:2.3:a:mariadb:mariadb:5.3.10:*:*:*:*:*:*:*

cpe:2.3:a:mariadb:mariadb:5.3.11:*:*:*:*:*:*:*

Configuration 4

OR

cpe:2.3:a:mariadb:mariadb:5.5.20:*:*:*:*:*:*:*

cpe:2.3:a:mariadb:mariadb:5.5.21:*:*:*:*:*:*:*

cpe:2.3:a:mariadb:mariadb:5.5.22:*:*:*:*:*:*:*

cpe:2.3:a:mariadb:mariadb:5.5.23:*:*:*:*:*:*:*

cpe:2.3:a:mariadb:mariadb:5.5.24:*:*:*:*:*:*:*

cpe:2.3:a:mariadb:mariadb:5.5.25:*:*:*:*:*:*:*

cpe:2.3:a:mariadb:mariadb:5.5.27:*:*:*:*:*:*:*

cpe:2.3:a:mariadb:mariadb:5.5.28:*:*:*:*:*:*:*

Tenable Plugins

View all (9 total)

IDNameProductFamilySeverity
71116MySQL Server COM_CHANGE_USER Command Security BypassNessusDatabases
medium
69508GLSA-201308-06 : MySQL: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
66215Ubuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : mysql-5.1, mysql-5.5, mysql-dfsg-5.1 vulnerabilities (USN-1807-1)NessusUbuntu Local Security Checks
high
66114Mandriva Linux Security Advisory : mariadb (MDVSA-2013:102)NessusMandriva Local Security Checks
high
64935MariaDB 5.5 < 5.5.29 Multiple VulnerabilitiesNessusDatabases
medium
64934MariaDB 5.3 < 5.3.12 Multiple VulnerabilitiesNessusDatabases
medium
64933MariaDB 5.2 < 5.2.14 Multiple VulnerabilitiesNessusDatabases
medium
64932MariaDB 5.1 < 5.1.67 Multiple VulnerabilitiesNessusDatabases
medium
64421FreeBSD : mysql/mariadb/percona server -- multiple vulnerabilities (8c773d7f-6cbb-11e2-b242-c8600054b392)NessusFreeBSD Local Security Checks
medium