User Enumeration Vulnerability in Oracle MySQL and MariaDB
CVE-2012-5615

Currently unrated

Key Information:

Vendor

Mariadb

Status
Mariadb
Mysql
Vendor
CVE Published:
3 December 2012

What is CVE-2012-5615?

The vulnerability in Oracle MySQL and MariaDB facilitates user enumeration through differential error messages. When a user submits a request with a username, the system generates specific error messages along with varying time delays, indicating whether the username exists. This behavior can be exploited by remote attackers to systematically determine valid usernames, posing a significant risk to database security and potentially enabling further attacks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.mandriva.com/security/advisories?name=MDVSA-20...
vendor-advisoryx_refsource_MANDRIVA
http://secunia.com/advisories/53372
third-party-advisoryx_refsource_SECUNIA
http://www.openwall.com/lists/oss-security/2012/12/02/3
mailing-listx_refsource_MLIST

EPSS Score

20% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.