If MySQL was built on such a system, the code that compares the cryptographic hash of a user-inputted password to the hash stored in the database for a particular account will sometimes allow ...

A trivial flaw in the password handling on MySQL and MariaDB installations allows a remote attacker to compromise those systems using any password.

Security researchers have released details about a vulnerability in the MySQL server that could allow potential attackers to access MySQL databases without inputting proper authentication credentials.

Security experts have identified some 879,046 servers vulnerable to a brute force flaw that undermines password controls in MySQL and MariaDB systems. According to Rapid7 security chief HD Moore ...

mysql Ver 14.12 Distrib 5.0.77, for redhat-linux-gnu (i686) using readline 5.1 I need to work on MySQL about once every six months, so it's always an exciting re-learning experience ;) Anyway, I ...

Security experts have identified some 879,046 servers vulnerable to a brute force flaw that undermines password controls in MySQL and MariaDB systems. According to Rapid7 security chief HD Moore ...

Security flaw in MySQL, MariaDB allows access with any password—just keep submitting it The flaw, patched in both databases, leaves some versions wide open to attackers ...

"When a user connects to MariaDB/MySQL, a token (SHA over a password and a random scramble string) is calculated and compared with the expected value," said Golubchik. "Because of incorrect ...