CVE-2002-1374

Name of the Vulnerable Software and Affected Versions MySQL versions 3.x through 3.23.54 MySQL versions 4.x through 4.0.6

Description The issue allows remote attackers to gain privileges via a brute force attack. This is possible because the COM CHANGE USER command in the affected software only compares the provided password against the first character of the real password when a one-character password is used.

Recommendations For MySQL versions 3.x through 3.23.54, update to version 3.23.54 or later. For MySQL versions 4.x through 4.0.6, update to version 4.0.6 or later.