CVE-2012-2122
MEDIUM severity · CVSS 5.1 · Improper authentication
5.1CVSS MEDIUM
Summary
sql/password.c in Oracle MySQL 5.1.x before 5.1.63, 5.5.x before 5.5.24, and 5.6.x before 5.6.6, and MariaDB 5.1.x before 5.1.62, 5.2.x before 5.2.12, 5.3.x before 5.3.6, and 5.5.x before 5.5.23, when running in certain environments with certain implementations of the memcmp function, allows remote attackers to bypass authentication by repeatedly authenticating with the same incorrect password, which eventually causes a token comparison to succeed due to an improperly-checked return value.
Impact & exploitability
Attack vectorNetwork
Attack complexityHigh
Privileges required—
User interaction—
Confidentiality impact—
Integrity impact—
Availability impact—
Exploit probability (EPSS)94%
AV:N/AC:H/Au:N/C:P/I:P/A:P
Recommendation
Apply the vendor fix in your normal patch cycle. Open any affected product above for its exact safe version.
Official patch: http://seclists.org/oss-sec/2012/q2/493 ↗
Additional information
- NVD record
- http://seclists.org/oss-sec/2012/q2/493Patch
- http://secunia.com/advisories/49417Advisory
- http://kb.askmonty.org/en/mariadb-5162-release-notes/
- http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00007.html
- http://secunia.com/advisories/53372
- http://security.gentoo.org/glsa/glsa-201308-06.xml
- http://securitytracker.com/id?1027143
- http://bugs.mysql.com/bug.php?id=64884Exploit