Gravedad: Crítico
  Fecha recomendada: 21 de julio de 2015

  Descripción

There exists an information disclosure vulnerability in MySQL database. The vulnerability is due to a flaw in the server component responsible for the login handshake procedure and allows an attacker with anonymous access to the database to read sensitive data stored in the memory of the server. The attacker then may use the acquired information to compromise the server or to facilitate other attack attempts.

  Revelación de la información

Apply associated Trend Micro DPI Rules.

  Soluciones

  Trend Micro Deep Security DPI Rule Number: 1004901
  Trend Micro Deep Security DPI Rule Name: 1004901 - Identified Suspicious Remote Login To MySQL Server Without Password

  Software y versión afectados

  • mysql