CVSS: 5.0EPSS: 2%CPEs: 8EXPL: 0CVE-2003-0073
https://notcve.org/view.php?id=CVE-2003-0073
Double-free vulnerability in mysqld for MySQL before 3.23.55 allows attackers with MySQL access to cause a denial of service (crash) via mysql_change_user. Vulnerabilidad de doble liberación de memoria (double-free) en mysqld de MySQL anteriores a 3.23.55 permite a atacantes remotos causar una denegación de servicio (caída) mediante mysql_change_user. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000743 http://marc.info/?l=bugtraq&m=104385719107879&w=2 http://www.debian.org/security/2003/dsa-303 http://www.iss.net/security_center/static/11199.php http://www.linuxsecurity.com/advisories/engarde_advisory-2873.html http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:013 http://www.mysql.com/doc/en/News-3.23.55.html http://www.redhat.com/support/errata/RHSA-2003-093.html http://www.redhat.c •
CVSS: 7.5EPSS: 1%CPEs: 42EXPL: 0CVE-2002-1923
https://notcve.org/view.php?id=CVE-2002-1923
The default configuration in MySQL 3.20.32 through 3.23.52, when running on Windows, does not have logging enabled, which could allow remote attackers to conduct activities without detection. • http://online.securityfocus.com/archive/1/288105 http://www.iss.net/security_center/static/9909.php http://www.securityfocus.com/bid/5513 •
CVSS: 7.5EPSS: 1%CPEs: 42EXPL: 0CVE-2002-1921
https://notcve.org/view.php?id=CVE-2002-1921
The default configuration of MySQL 3.20.32 through 3.23.52, when running on Windows, does set the bind address to the loopback interface, which allows remote attackers to connect to the database. • http://online.securityfocus.com/archive/1/288105 http://www.iss.net/security_center/static/9908.php http://www.securityfocus.com/bid/5511 •
CVSS: 7.5EPSS: 2%CPEs: 34EXPL: 2CVE-2002-1809 – MySQL 3.20.32/3.22.x/3.23.x - Null Root Password Weak Default Configuration
https://notcve.org/view.php?id=CVE-2002-1809
The default configuration of the Windows binary release of MySQL 3.23.2 through 3.23.52 has a NULL root password, which could allow remote attackers to gain unauthorized root access to the MySQL database. • https://www.exploit-db.com/exploits/21725 http://archives.neohapsis.com/archives/bugtraq/2002-08/0185.html http://www.iss.net/security_center/static/9902.php http://www.securityfocus.com/bid/5503 •
CVSS: 5.0EPSS: 7%CPEs: 47EXPL: 0CVE-2002-1373
https://notcve.org/view.php?id=CVE-2002-1373
Signed integer vulnerability in the COM_TABLE_DUMP package for MySQL 3.23.x before 3.23.54 allows remote attackers to cause a denial of service (crash or hang) in mysqld by causing large negative integers to be provided to a memcpy call. Vulnerabilidad de enteros con signo en el paquete COM_TABLE_DUMP de MySQL 3.23.x anteriores a 3.23.54 permite a atacantes remotos causar una denegación de servicio (caída o cuelge) en mysqld proveyendo a una llamada a memcpy() con enteros negativos grandes. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000555 http://marc.info/?l=bugtraq&m=103971644013961&w=2 http://marc.info/?l=bugtraq&m=104004857201968&w=2 http://security.e-matters.de/advisories/042002.html http://www.debian.org/security/2002/dsa-212 http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:087 http://www.novell.com/linux/security/advisories/2003_003_mysql.html http://www.redhat.com/support/errata/RHSA-2002-288.html http://www.redhat&# •