Forum Stats

  • 3,780,931 Users
  • 2,254,456 Discussions
  • 7,879,498 Comments

Discussions

关于mysql的问题CVE-2012-5627在哪个版本中解决了

3183687
3183687 Member Posts: 5
edited Feb 29, 2016 3:36AM in MySQL Community Space

CVE-2012-5627在哪个版本中解决了?


The installed version of MySQL may be affected by a security bypass
vulnerability because the salt used during password validation does not
change when switching users with the 'COM_CHANGE_USER' command.
Additionally, the connection is not reset when invalid credentials are
submitted.  Normally, when a connection is initiated and invalid
credentials are submitted, the connection is terminated, which slows
brute-force attempts substantially.

Tagged:

Best Answer

Answers