CyberSec.Space Logo
Back to CVE Browser

CVE-2004-0627

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1880%
EPSS Percentile7.04th
PublishedDec 6, 2004
Last ModifiedApr 16, 2026

Vulnerability Description

The check_scramble_323 function in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to bypass authentication via a zero-length scrambled string.

Affected Platforms (CPE)

πŸ“¦
Mysql

Mysql

= 4.1.0

References & Advisories

πŸ”— http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0001.html
πŸ”— http://marc.info/?l=bugtraq&m=108904917528205&w=2
πŸ”— http://www.kb.cert.org/vuls/id/184030
πŸ”— http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0001.html
πŸ”— http://marc.info/?l=bugtraq&m=108904917528205&w=2
πŸ”— http://www.kb.cert.org/vuls/id/184030

Related Vulnerabilities

CVE-2004-083610.0

Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows remote DNS servers t...

CVE-2004-062810.0

Stack-based buffer overflow in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to cause a denial of service (crash) and...

CVE-2026-4926110.0

MariaDB server is a community developed fork of MySQL server. Versions 10.6.1 through 10.6.26, 10.11.1 through 10.11.17, 11.4.1 th...

CVE-2005-068410.0

Multiple buffer overflows in the web tool for MySQL MaxDB before 7.5.00.26 allows remote attackers to execute arbitrary code via (...