- 论坛徽章:
- 0
|
这是扫描安全的原话
通过0长度密码绕过MySQL认证
用户用一个精心构造的认证数据包
可能会绕过数据库的密码认证
注意: 为了使用这个脚本, MySQL的监听程序必须允许来自扫描的
IP地址的连接。
___________________________________________________________________
It was not possible to login into your MySQL database remotely (possibly due to remote access
restrictions on the DB user 'root'). However, your MySQL server version is found to be one
of the vulnerable versions so exploitation is possible for users with remote access.
Solution: Upgrade to MySQL 4.1.3 or newer
Risk Factor: High
BUGTRAQ_ID : 10654, 10655
NESSUS_ID : 12639 |
|