ID de Prueba:	1.3.6.1.4.1.25623.1.0.103551
Categoría:	Default Accounts
Título:	MySQL / MariaDB Default Credentials (MySQL Protocol)
Resumen:	It was possible to login into the remote MySQL using default; credentials.
Descripción:	Summary: It was possible to login into the remote MySQL using default credentials. Affected Software/OS: The following products are know to use such weak credentials: - CVE-2001-0645: Symantec/AXENT NetProwler 3.5.x - CVE-2002-1809: Windows binary release of MySQL 3.23.2 through 3.23.52 - CVE-2004-1532: AppServ 2.5.x and earlier - CVE-2004-2357: Proofpoint Protection Server - CVE-2006-1451: MySQL Manager in Apple Mac OS X 10.3.9 and 10.4.6 - CVE-2007-2554: Associated Press (AP) Newspower 4.0.1 and earlier - CVE-2007-6081: AdventNet EventLog Analyzer build 4030 - CVE-2009-0919: XAMPP - CVE-2014-3419: Infoblox NetMRI before 6.8.5 - CVE-2015-4669: Xsuite 2.x - CVE-2016-6531, CVE-2018-15719: Open Dental before version 18.4 - CVE-2024-22901: Vinchin Backup & Recovery 7.2 and prior Other products might be affected as well. Solution: - Change the password as soon as possible - Contact the vendor for other possible fixes / updates CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:C/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2001-0645 Bugtraq: 20010510 Corsaire Limited Security Advisory - Symantec/Axent NetProwler 3. 5.x database configuration (Google Search) http://archives.neohapsis.com/archives/bugtraq/2001-05/0098.html Bugtraq: 20010510 Corsaire Limited Security Advisory - Symantec/Axent NetProwler 3. 5.x password restrictions (Google Search) http://archives.neohapsis.com/archives/bugtraq/2001-05/0097.html CERT/CC vulnerability note: VU#508387 http://www.kb.cert.org/vuls/id/508387 XForce ISS Database: netprowler-default-management-password(6537) https://exchange.xforce.ibmcloud.com/vulnerabilities/6537 XForce ISS Database: netprowler-default-odbc-password(6539) https://exchange.xforce.ibmcloud.com/vulnerabilities/6539 Common Vulnerability Exposure (CVE) ID: CVE-2002-1809 BugTraq ID: 5503 http://www.securityfocus.com/bid/5503 Bugtraq: 20020818 Weak MySQL Default Configuration on Windows (Google Search) http://archives.neohapsis.com/archives/bugtraq/2002-08/0185.html http://www.iss.net/security_center/static/9902.php Common Vulnerability Exposure (CVE) ID: CVE-2004-1532 BugTraq ID: 11704 http://www.securityfocus.com/bid/11704 Bugtraq: 20041118 AppServ 2.5.x and Prior Exploit (Google Search) http://marc.info/?l=bugtraq&m=110079586328430&w=2 XForce ISS Database: appserv-default-account(18163) https://exchange.xforce.ibmcloud.com/vulnerabilities/18163 Common Vulnerability Exposure (CVE) ID: CVE-2004-2357 http://marc.info/?l=full-disclosure&m=107745676915297&w=2 http://marc.info/?l=full-disclosure&m=107752568009182&w=2 XForce ISS Database: proofpoint-mysql-gain-access(15280) https://exchange.xforce.ibmcloud.com/vulnerabilities/15280 Common Vulnerability Exposure (CVE) ID: CVE-2006-1451 http://lists.apple.com/archives/security-announce/2006/May/msg00003.html BugTraq ID: 17951 http://www.securityfocus.com/bid/17951 Cert/CC Advisory: TA06-132A http://www.us-cert.gov/cas/techalerts/TA06-132A.html http://www.osvdb.org/25595 http://securitytracker.com/id?1016077 http://secunia.com/advisories/20077 http://www.vupen.com/english/advisories/2006/1779 XForce ISS Database: macos-mysql-manager-blank-password(26420) https://exchange.xforce.ibmcloud.com/vulnerabilities/26420 Common Vulnerability Exposure (CVE) ID: CVE-2007-2554 Bugtraq: 20070508 AP Newspower software <=4.0.1 allows remote data manipulation (Google Search) http://www.securityfocus.com/archive/1/467962/100/0/threaded http://osvdb.org/36251 http://securityreason.com/securityalert/2679 Common Vulnerability Exposure (CVE) ID: CVE-2007-6081 BugTraq ID: 26304 http://www.securityfocus.com/bid/26304 http://osvdb.org/42423 http://secunia.com/advisories/27833 Common Vulnerability Exposure (CVE) ID: CVE-2009-0919 http://ptk.dflabs.com/security.html http://www.debianhelp.co.uk/xampp.htm http://www.ibm.com/developerworks/linux/library/l-xampp/ XForce ISS Database: ptk-default-password(49306) https://exchange.xforce.ibmcloud.com/vulnerabilities/49306 Common Vulnerability Exposure (CVE) ID: CVE-2014-3419 BugTraq ID: 68473 http://www.securityfocus.com/bid/68473 Bugtraq: 20140709 Weak Local Database Credentials in Infoblox Network Automation (Google Search) http://www.securityfocus.com/archive/1/532710/100/0/threaded http://blog.depthsecurity.com/2014/07/os-command-injection-in-infoblox-netmri.html http://packetstormsecurity.com/files/127410/Infoblox-6.8.4.x-Weak-MySQL-Password.html https://github.com/depthsecurity/NetMRI-2014-3418 http://www.securitytracker.com/id/1030542 XForce ISS Database: infoblox-cve20143419-default-account(94450) https://exchange.xforce.ibmcloud.com/vulnerabilities/94450 Common Vulnerability Exposure (CVE) ID: CVE-2015-4669 Bugtraq: 20150722 Multiple (remote and local) Vulnerabilities in Xceedium Xsuite [MZ-15-02] (Google Search) http://www.securityfocus.com/archive/1/536058/100/0/threaded https://www.exploit-db.com/exploits/37708/ http://www.modzero.ch/advisories/MZ-15-02-Xceedium-Xsuite.txt Common Vulnerability Exposure (CVE) ID: CVE-2016-6531 BugTraq ID: 92780 http://www.securityfocus.com/bid/92780 CERT/CC vulnerability note: VU#619767 http://www.kb.cert.org/vuls/id/619767 http://www.kb.cert.org/vuls/id/GWAN-ACVSBM Common Vulnerability Exposure (CVE) ID: CVE-2018-15719 https://www.tenable.com/security/research/tra-2018-44 Common Vulnerability Exposure (CVE) ID: CVE-2024-22901 http://vinchin.com https://blog.leakix.net/2024/01/vinchin-backup-rce-chain/ https://seclists.org/fulldisclosure/2024/Jan/30
Copyright	Copyright (C) 2012 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.