Rule Category
SERVER-MYSQL -- Snort has detected traffic exploiting vulnerabilities in MySQL servers.
Alert Message
SERVER-MYSQL secure client overflow attempt
Rule Explanation
An attacker could bypass MySQL authentication.
What To Look For
The check_scramble_323 function in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to bypass authentication via a zero-length scrambled string.
Known Usage
No public information
False Positives
No known false positives
Contributors
Cisco Talos Intelligence Group
Rule Groups
MITRE::ATT&CK Framework::Enterprise::Initial Access::Exploit Public-Facing Application
Adversaries may attempt to take advantage of a weakness in an Internet-facing computer or program using software, data, or commands in order to cause unintended or unanticipated behavior. The weakness in the system can be a bug, a glitch, or a design vulnerability. These applications are often websites, but can include databases (like SQL), standard services (like SMB or SSH), network device administration and management protocols (like SNMP and Smart Install), and any other applications with Internet accessible open sockets, such as web servers and related services.
T1190
Additional Links
Rule Vulnerability
Escalation of Privilege
An Escalation of Privilege (EOP) attack is any attack method that results in a user or application gaining permissions to access resources they normally would not have access to.
CVE Additional Information
This product uses data from the NVD API but is not endorsed or certified by the NVD.
CVE-2004-0627
|
Loading description
|
|
Severity | |
Base Score | |
Impact Score | |
Exploit Score | |
Confidentiality Impact | |
Integrity Impact | |
Availability Impact | |
Authentication | |
Ease of Access | |
|