Sunday, April 11, 2021

MySQL Vulnerability Allows Attackers to Bypass Password Verification

NetworkWorld: Security researchers have released exploit details for a security vulnerability in MySQL that could allow attackers to access databases without entering a correct password. The vulnerability affects Linux systems that use an SSE-optimized glibc and that are running MySQL. On those systems, an attacker can gain access to the database after entering an incorrect password about 1 out of every 256 times. “300 attempts takes only a fraction of second, so basically account password protection is as good as nonexistent,” noted security expert Sergei Golubchik.

The MySQL patches numbered 5.1.63 and 5.5.25, both released in May, address this security vulnerability. Now that exploit code has been made public, IT administrators are encouraged to install the updates as soon as possible.

Similar articles

Latest Articles

The Conversational AI Revolution:...

One of the things I’m looking forward to seeing at next week’s NVIDIA GTC event is an update on their Conversational AI efforts. I’m fascinated...

Edge Computing

Edge computing is a broad term that refers to a highly distributed computing framework that moves compute and storage resources closer to the exact...

Data-Driven Decision Making: Top...

The phrase data-driven decision making – certainly popular in the field of data analytics – may seem redundant. After all, nearly everything is driven...

Top Performing Artificial Intelligence...

As artificial intelligence has become a growing force in business, today’s top AI companies are leaders in this emerging technology. Often leveraging cloud computing and...