CVE-2012-5615

NONECVSS 0.0

0.0

Oracle MySQL 5.5.38 and earlier, 5.6.19 and earlier, and MariaDB 5.5.28a, 5.3.11, 5.2.13, 5.1.66, and possibly other versions, generates different error messages with different time delays depending on whether a user name exists, which allows remote attackers to enumerate valid usernames.

🔗 References (22)

secalert@redhathttp://lists.opensuse.org/opensuse-security-announce/2013-02/msg00000.html
secalert@redhathttp://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html
secalert@redhathttp://seclists.org/fulldisclosure/2012/Dec/9
secalert@redhathttp://secunia.com/advisories/53372
secalert@redhathttp://security.gentoo.org/glsa/glsa-201308-06.xml
secalert@redhathttp://www.mandriva.com/security/advisories?name=MDVSA-2013:102
secalert@redhathttp://www.openwall.com/lists/oss-security/2012/12/02/3
secalert@redhathttp://www.openwall.com/lists/oss-security/2012/12/02/4
secalert@redhathttp://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
secalert@redhathttp://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
secalert@redhathttps://mariadb.atlassian.net/browse/MDEV-3909
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00000.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html
af854a3a-2127-422b-91ae-364da2661108http://seclists.org/fulldisclosure/2012/Dec/9
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/53372

Is Your Infrastructure Affected by CVE-2012-5615?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2012-5615

📅 Published

🔄 Last Modified

🔗 References (22)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2012-5615?