PT-2006-2459 · Oracle+1 · Mysql Server+1

Ben Low

Published

2006-05-12

Updated

2017-07-20

CVE-2006-1451

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions MySQL Manager in Apple Mac OS X versions 10.3.9 through 10.4.6

Description The issue arises when setting up a new MySQL database server using MySQL Manager in Apple Mac OS X. It fails to apply the provided "New MySQL root password", resulting in a blank MySQL root password. This allows local users to gain full privileges to the database.

Recommendations For versions 10.3.9 through 10.4.6, manually set a strong password for the MySQL root user after setting up the database server to prevent unauthorized access.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-1451

Affected Products

Macos X

Mysql Server

PT-2006-2459 · Oracle+1 · Mysql Server+1

CVE-2006-1451

Related Identifiers

Affected Products

References · 9