MySQL Query authentication bypass vulnerability
Vulnerability category: Exception handling error
Attack type: Local attacks
Release date: 2006-02-27
Updated on: 2006-02-27
Affected systems: MySQL 3.x, MySQL 4.x, MySQL 5.x
Security system: None
Vulnerability reporter: 1dt.w0lf
Vulnerability description:
Secunia Advisory: sa%34
An authentication bypass vulnerability has been found in MySQL.
The vulnerability is caused by an error in the handling of query records. It can be exploited to cause certain queries to be authenticated incorrectly when the query contains NULL characters.
For example:
mysql_query("/*" . chr(0) . "*/SELECT * FROM table");
The vulnerability has been confirmed in version 5.0.18. Other versions may also be affected.
Test method: None
Solution: Allow only trusted, authorized users to connect to the database.
(Responsible editor: zhaohb)
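
The bulletin does not show the faulty code path. The following added example (not from the bulletin or from MySQL's source) assumes the general failure mode in which a length-counted query is later consumed as a NUL-terminated string, and shows how a defender can flag such queries and record them without loss. All function names are hypothetical and the sample bytes are constructed from the bulletin's example query.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample: the bulletin's example query as raw bytes (NUL inside the comment). */
static const char SAMPLE[] = "/*\0*/SELECT * FROM table";
#define SAMPLE_LEN (sizeof(SAMPLE) - 1)

/* 1 if the length-counted query contains a NUL byte; a caller can reject or flag it. */
int query_has_embedded_nul(const char *q, size_t len)
{
    return memchr(q, '\0', len) != NULL;
}

/* Bytes a NUL-terminated consumer (strlen, "%s") would see of the same buffer. */
size_t bytes_visible_as_c_string(const char *q, size_t len)
{
    const char *nul = memchr(q, '\0', len);
    return nul ? (size_t)(nul - q) : len;
}

/* Length-aware record: bytes outside printable ASCII, and backslash, become \xNN
 * so nothing is cut off. Returns chars written, or (size_t)-1 if out is too small. */
size_t escape_for_record(const char *q, size_t len, char *out, size_t outsz)
{
    size_t o = 0;
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)q[i];
        int plain = (c >= 0x20 && c < 0x7f && c != '\\');
        if (o + (plain ? 1 : 4) >= outsz)   /* keep room for the terminator */
            return (size_t)-1;
        if (plain)
            out[o++] = (char)c;
        else
            o += (size_t)snprintf(out + o, outsz - o, "\\x%02x", (unsigned)c);
    }
    if (o >= outsz)
        return (size_t)-1;
    out[o] = '\0';
    return o;
}

int main(void)
{
    char rec[128];
    printf("has NUL: %d, C-string view: %zu of %zu bytes\n", query_has_embedded_nul(SAMPLE, SAMPLE_LEN),
           bytes_visible_as_c_string(SAMPLE, SAMPLE_LEN), (size_t)SAMPLE_LEN);
    if (escape_for_record(SAMPLE, SAMPLE_LEN, rec, sizeof rec) != (size_t)-1)
        printf("record: %s\n", rec);
    return 0;
}
```

For the sample, a NUL-terminated view ends after the two bytes `/*`, while the escaped record keeps the whole statement.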