Computerworld

MySQL vulnerability allows attackers to bypass password verification

Security researchers have released details about a vulnerability in the MySQL server that could allow potential attackers to access MySQL databases without inputting proper authentication credentials.
Threat Post

Trivial Password Flaw Leaves MySQL Databases Exposed

There is a trivially exploitable vulnerability in MySQL that enables an attacker to gain root access to the database server. The bug, which recently was patched ...
Ars Technica

Setting root password in mySQL

I installed PHP/Apache/MySQL recently and everything seems to be working well. How do I set my root password. To access my db I use <P>@mysql_connect("localhost", "database", "");<P>It works. I run ...
Ars Technica

Security flaw in MySQL, MariaDB allows access with any password—just keep submitting it

When the latest release of MariaDB was announced in April by MontyProgram AB founder and MySQL creator Michael “Monty” Widenius, it came with a warning from Widenius that a severe security bug had ...
Redmond Magazine

MySQL Databases Subject to Password Verification Flaw

It could give remote attackers access the contents of the databases by bypassing the password authentication process in unpatched systems. "When a user connects to MariaDB/MySQL, a token (SHA over a ...
InfoWorld

MySQL vulnerability allows attackers to bypass password verification

The vulnerability was addressed in MySQL 5.1.63 and 5.5.25, but many server administrators might not be aware of its impact Security researchers have released details about a vulnerability in the ...