1. CVE-Search
  2. CVE-2001-1275
ID CVE-2001-1275
Summary MySQL before 3.23.31 allows users with a MySQL account to use the SHOW GRANTS command to obtain the encrypted administrator password from the mysql.user table and possibly gain privileges via password cracking.
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:mysql:-:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:-:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:1.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:1.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:3.20:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:3.20:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:3.20.32a:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:3.20.32a:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:3.21:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:3.21:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:3.22:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:3.22:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:3.22.26:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:3.22.26:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:3.22.27:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:3.22.27:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:3.22.28:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:3.22.28:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:3.22.29:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:3.22.29:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:3.22.30:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:3.22.30:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:3.22.32:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:3.22.32:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:3.23:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:3.23:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:3.23.0:alpha:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:3.23.0:alpha:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:3.23.1:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:3.23.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:3.23.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:3.23.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:3.23.3:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:3.23.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:3.23.4:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:3.23.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:3.23.5:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:3.23.5:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:3.23.6:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:3.23.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:3.23.7:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:3.23.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:3.23.8:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:3.23.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:3.23.9:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:3.23.9:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:3.23.10:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:3.23.10:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:3.23.11:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:3.23.11:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:3.23.12:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:3.23.12:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:3.23.13:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:3.23.13:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:3.23.14:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:3.23.14:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:3.23.15:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:3.23.15:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:3.23.16:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:3.23.16:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:3.23.17:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:3.23.17:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:3.23.18:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:3.23.18:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:3.23.19:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:3.23.19:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:3.23.20:beta:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:3.23.20:beta:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:3.23.21:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:3.23.21:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:3.23.22:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:3.23.22:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:3.23.23:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:3.23.23:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:3.23.24:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:3.23.24:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:3.23.25:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:3.23.25:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:3.23.26:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:3.23.26:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:3.23.27:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:3.23.27:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:3.23.28:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:3.23.28:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:3.23.28:gamma:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:3.23.28:gamma:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:3.23.29:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:3.23.29:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:3.23.30:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:3.23.30:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:3.23.31:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:3.23.31:*:*:*:*:*:*:*
CVSS
Base: 7.2 (as of 07-10-2019 - 16:39)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:C/I:C/A:C
redhat via4
advisories
rhsa
id RHSA-2001:003
refmap via4
caldera CSSA-2001-006.0
freebsd FreeBSD-SA-01:16
mandrake MDKSA-2001:014
Last major update 07-10-2019 - 16:39
Published 19-01-2001 - 05:00
Last modified 07-10-2019 - 16:39
Back to Top