PT-2002-2642 · Mysql Server · Mysql Server

Published

2002-12-31

Updated

2019-10-07

CVE-2002-1921

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions MySQL versions 3.20.32 through 3.23.52

Description The default configuration of MySQL, when running on Windows, does not set the bind address to the loopback interface by default in the specified versions, which allows remote attackers to connect to the database.

Recommendations For MySQL versions 3.20.32 through 3.23.52, consider updating the configuration to bind the MySQL server to the loopback interface to prevent remote connections.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2002-1921

Affected Products

Mysql Server

PT-2002-2642 · Mysql Server · Mysql Server

CVE-2002-1921

Related Identifiers

Affected Products

References · 4