SID 1:3668

Report a false positive

Rule Category

SERVER-MYSQL -- Snort has detected traffic exploiting vulnerabilities in MySQL servers.

Alert Message

SERVER-MYSQL client authentication bypass attempt

Rule Explanation

An attacker could bypass authentication in MySQL

What To Look For

The check_scramble_323 function in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to bypass authentication via a zero-length scrambled string.

Known Usage

No public information

False Positives

No known false positives

Contributors

Cisco Talos Intelligence Group

Rule Groups

No rule groups

CVE

CVE-2004-0627

Additional Links

www.nextgenss.com/advisories/mysql-authbypass.txt

Rule Vulnerability

Escalation of Privilege

An Escalation of Privilege (EOP) attack is any attack method that results in a user or application gaining permissions to access resources they normally would not have access to.

CVE Additional Information

This product uses data from the NVD API but is not endorsed or certified by the NVD.
CVE-2004-0627
 Loading description