CVE-2001-1275

Published: Jan 19, 2001Modified: Apr 16, 2026

7.2

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 3.9 / Impact: 10.0

Source: NVD

Description

MySQL before 3.23.31 allows users with a MySQL account to use the SHOW GRANTS command to obtain the encrypted administrator password from the mysql.user table and possibly gain privileges via password cracking.

Affected (1)

Products: Oracle: Mysql

Oracle

1 product

Mysql

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Oracle Mysql	Up to 3.23.31

References (8)

http://marc.info/?l=bugtraq&m=98089552030459&w=2

Source: cve@mitre.org

http://www.calderasystems.com/support/security/advisories/CSSA-2001-006.0.txt

Source: cve@mitre.org

http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-014.php3

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2001-003.html

Source: cve@mitre.org

PatchVendor Advisory

http://marc.info/?l=bugtraq&m=98089552030459&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.calderasystems.com/support/security/advisories/CSSA-2001-006.0.txt

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-014.php3

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2001-003.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.