News

Computerworld13y
MySQL vulnerability allows attackers to bypass password verification
After exploiting the vulnerability, the module copies the MySQL server’s master user table, which contains all password hashes. An attacker can crack the password hashes using dictionary attacks ...
Ars Technica13y
Security flaw in MySQL, MariaDB allows access with any password—just keep submitting it
But in the affected versions of MariaDB and MySQL, as MontyProgram's Sergei Golubchik wrote in a list posting on June 9, the database can be fooled into accepting a password even if it doesn't match.
IT World Canada13y
Hackers can bypass MySQL password verification
After exploiting the vulnerability, the module copies the MySQL server’s master user table, which contains all password hashes. An attacker can crack the password hashes using dictionary attacks ...
Threat Post13y
Trivial Password Flaw Leaves MySQL Databases Exposed
In this case MySQL/MariaDB would think that the password is correct, even while it is not. Because the protocol uses random strings, the probability of hitting this bug is about 1/256.
PC World14y
MySQL Website Falls Victim to SQL Injection Attack - PCWorld
Oracle’s MySQL.com customer website was apparently compromised over the weekend by a pair of hackers who publicly posted usernames, and in some cases passwords, of the site’s users. Taking ...
Network World13y
MySQL vulnerability allows attackers to bypass password verification
If MySQL was built on such a system, the code that compares the cryptographic hash of a user-inputted password to the hash stored in the database for a particular account will sometimes allow ...
PC World13y
MySQL Vulnerability Allows Attackers to Bypass Password Verification
If MySQL was built on such a system, the code that compares the cryptographic hash of a user-inputted password to the hash stored in the database for a particular account will sometimes allow ...