Description

MySQL before 3.23.31 allows users with a MySQL account to use the SHOW GRANTS command to obtain the encrypted administrator password from the mysql.user table and possibly gain privileges via password cracking.

Remediation

References

CVE-2001-1275

Related Vulnerabilities

WordPress Plugin Memphis Documents Library Arbitrary File Download (3.1.5)

WordPress Plugin Integration for Contact Form 7 and Salesforce Cross-Site Scripting (1.2.4)

WordPress Plugin Quttera Web Malware Scanner Security Bypass (3.0.8.65)

WordPress Plugin Zibbra Cross-Site Scripting (1.7.0)

MediaWiki Resource Management Errors Vulnerability (CVE-2015-8003)

Severity

High

Classification

CVE-2001-1275

Tags

Missing Update Known Vulnerabilities