CVE-2002-1921
First published: Tue Dec 31 2002(Updated: )
The default configuration of MySQL 3.20.32 through 3.23.52, when running on Windows, does set the bind address to the loopback interface, which allows remote attackers to connect to the database.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Oracle MySQL Installer | =3.20.32a | |
| Oracle MySQL Installer | =3.22.26 | |
| Oracle MySQL Installer | =3.22.27 | |
| Oracle MySQL Installer | =3.22.28 | |
| Oracle MySQL Installer | =3.22.29 | |
| Oracle MySQL Installer | =3.22.30 | |
| Oracle MySQL Installer | =3.22.32 | |
| Oracle MySQL Installer | =3.23.2 | |
| Oracle MySQL Installer | =3.23.3 | |
| Oracle MySQL Installer | =3.23.4 | |
| Oracle MySQL Installer | =3.23.5 | |
| Oracle MySQL Installer | =3.23.8 | |
| Oracle MySQL Installer | =3.23.9 | |
| Oracle MySQL Installer | =3.23.10 | |
| Oracle MySQL Installer | =3.23.23 | |
| Oracle MySQL Installer | =3.23.24 | |
| Oracle MySQL Installer | =3.23.25 | |
| Oracle MySQL Installer | =3.23.26 | |
| Oracle MySQL Installer | =3.23.27 | |
| Oracle MySQL Installer | =3.23.28-gamma | |
| Oracle MySQL Installer | =3.23.28 | |
| Oracle MySQL Installer | =3.23.29 | |
| Oracle MySQL Installer | =3.23.30 | |
| Oracle MySQL Installer | =3.23.31 | |
| Oracle MySQL Installer | =3.23.34 | |
| Oracle MySQL Installer | =3.23.36 | |
| Oracle MySQL Installer | =3.23.37 | |
| Oracle MySQL Installer | =3.23.38 | |
| Oracle MySQL Installer | =3.23.39 | |
| Oracle MySQL Installer | =3.23.40 | |
| Oracle MySQL Installer | =3.23.41 | |
| Oracle MySQL Installer | =3.23.42 | |
| Oracle MySQL Installer | =3.23.43 | |
| Oracle MySQL Installer | =3.23.44 | |
| Oracle MySQL Installer | =3.23.45 | |
| Oracle MySQL Installer | =3.23.46 | |
| Oracle MySQL Installer | =3.23.47 | |
| Oracle MySQL Installer | =3.23.48 | |
| Oracle MySQL Installer | =3.23.49 | |
| Oracle MySQL Installer | =3.23.50 | |
| Oracle MySQL Installer | =3.23.51 | |
| Oracle MySQL Installer | =3.23.52 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2002-1921?
CVE-2002-1921 is classified as a medium severity vulnerability.
How do I fix CVE-2002-1921?
To mitigate CVE-2002-1921, configure MySQL to bind only to the loopback interface.
What versions are affected by CVE-2002-1921?
CVE-2002-1921 affects MySQL versions 3.20.32 through 3.23.52 on Windows.
Can CVE-2002-1921 lead to unauthorized access?
Yes, CVE-2002-1921 allows remote attackers to connect to the MySQL database if not properly configured.
Is CVE-2002-1921 specific to any operating system?
CVE-2002-1921 specifically affects MySQL when running on Windows.
- agent/type
- agent/first-publish-date
- agent/weakness
- agent/author
- agent/references
- agent/severity
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/oracle
- canonical/oracle mysql
- version/oracle mysql/3.20.32a
- version/oracle mysql/3.22.26
- version/oracle mysql/3.22.27
- version/oracle mysql/3.22.28
- version/oracle mysql/3.22.29
- version/oracle mysql/3.22.30
- version/oracle mysql/3.22.32
- version/oracle mysql/3.23.2
- version/oracle mysql/3.23.3
- version/oracle mysql/3.23.4
- version/oracle mysql/3.23.5
- version/oracle mysql/3.23.8
- version/oracle mysql/3.23.9
- version/oracle mysql/3.23.10
- version/oracle mysql/3.23.23
- version/oracle mysql/3.23.24
- version/oracle mysql/3.23.25
- version/oracle mysql/3.23.26
- version/oracle mysql/3.23.27
- version/oracle mysql/3.23.28-gamma
- version/oracle mysql/3.23.28
- version/oracle mysql/3.23.29
- version/oracle mysql/3.23.30
- version/oracle mysql/3.23.31
- version/oracle mysql/3.23.34
- version/oracle mysql/3.23.36
- version/oracle mysql/3.23.37
- version/oracle mysql/3.23.38
- version/oracle mysql/3.23.39
- version/oracle mysql/3.23.40
- version/oracle mysql/3.23.41
- version/oracle mysql/3.23.42
- version/oracle mysql/3.23.43
- version/oracle mysql/3.23.44
- version/oracle mysql/3.23.45
- version/oracle mysql/3.23.46
- version/oracle mysql/3.23.47
- version/oracle mysql/3.23.48
- version/oracle mysql/3.23.49
- version/oracle mysql/3.23.50
- version/oracle mysql/3.23.51
- version/oracle mysql/3.23.52