Description

The default configuration of MySQL 3.20.32 through 3.23.52, when running on Windows, does set the bind address to the loopback interface, which allows remote attackers to connect to the database.

Remediation

References

CVE-2002-1921

Related Vulnerabilities

WordPress Plugin Twitter Button by BestWebSoft Multiple Cross-Site Scripting Vulnerabilities (2.36)

WordPress Plugin Duplicator-WordPress Migration Security Bypass (0.5.8)

WordPress Plugin GiveWP-Donation and Fundraising Platform SQL Injection (2.24.0)

Oracle Database Server CVE-2014-6563 Vulnerability (CVE-2014-6563)

PostgreSQL CVE-2021-3677 Vulnerability (CVE-2021-3677)

Severity

High

Classification

CVE-2002-1921

Tags

Missing Update Known Vulnerabilities