CVE-2012-2122

critical

Description

sql/password.c in Oracle MySQL 5.1.x before 5.1.63, 5.5.x before 5.5.24, and 5.6.x before 5.6.6, and MariaDB 5.1.x before 5.1.62, 5.2.x before 5.2.12, 5.3.x before 5.3.6, and 5.5.x before 5.5.23, when running in certain environments with certain implementations of the memcmp function, allows remote attackers to bypass authentication by repeatedly authenticating with the same incorrect password, which eventually causes a token comparison to succeed due to an improperly-checked return value.

References

http://www.exploit-db.com/exploits/19092

http://securitytracker.com/id?1027143

http://security.gentoo.org/glsa/glsa-201308-06.xml

http://secunia.com/advisories/53372

http://secunia.com/advisories/49417

http://seclists.org/oss-sec/2012/q2/493

http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00007.html

http://kb.askmonty.org/en/mariadb-5162-release-notes/

Details

Source: Mitre, NVD

Published: 2012-06-26

Updated: 2014-02-21

Risk Information

CVSS v2

Base Score: 5.1

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical