MySQL Server Vulnerability in Proofpoint Protection Server
CVE-2004-2357

Currently unrated

Key Information:

Vendor: Proofpoint
Status: Proofpoint Protection Server
Vendor: CVE Published:; 31 December 2004

Summary

The embedded MySQL server within Proofpoint Protection Server lacks a password requirement for the root user. This oversight enables remote attackers to potentially access and alter the backend database without authentication, posing severe risks to data integrity and security.

References

http://marc.info/?l=full-disclosure&m=107745676915297&w=2

mailing-listx_refsource_FULLDISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/15280

vdb-entryx_refsource_XF

http://marc.info/?l=full-disclosure&m=107752568009182&w=2

mailing-listx_refsource_FULLDISC

Timeline

Vulnerability Reserved
Aug 16, 2005
Vulnerability published
Dec 31, 2004