|
MySQL Null Root Password Weak Default Configuration Vulnerability
Solution: Administrators should either disable the default account, or supply a strong password. The following SQL command is supplied by Mike Bommarito <g0thm0g@attbi.com>: DELETE FROM mysql.user; GRANT ALL PRIVILEGES ON *.* TO user@localhost IDENTIFIED BY 'password' WITH GRANT OPTION; Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>. |
|
|
Privacy Statement |
