Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2002-1374

Disclosure Date: December 23, 2002
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x before 4.0.6, allows remote attackers to gain privileges via a brute force attack using a one-character password, which causes MySQL to only compare the provided password against the first character of the real password.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

General Information

Technical Analysis