CVE-2012-5615
published 2012-12-03CVE-2012-5615: Oracle MySQL 5.5.38 and earlier, 5.6.19 and earlier, and MariaDB 5.5.28a, 5.3.11, 5.2.13, 5.1.66, and possibly other versions, generates different error…
PriorityP338medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
14.78%
96.3th percentile
Oracle MySQL 5.5.38 and earlier, 5.6.19 and earlier, and MariaDB 5.5.28a, 5.3.11, 5.2.13, 5.1.66, and possibly other versions, generates different error messages with different time delays depending on whether a user name exists, which allows remote attackers to enumerate valid usernames.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mariadb | mariadb | — | — |
| mariadb | mariadb | — | — |
| mariadb | mariadb | — | — |
| mariadb | mariadb | — | — |
| oracle | mysql | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
osv5.0MEDIUM
vendor_redhat5.0MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
MySQL vulnerabilities
vendor_ubuntu·2014-10-15
CVE-2012-5615 MySQL vulnerabilities
Title: MySQL vulnerabilities
Summary: Several security issues were fixed in MySQL.
Multiple security issues were discovered in MySQL and this update includes
a new upstream MySQL version to fix these issues. MySQL has been updated to
5.5.40.
In addition to security fixes, the updated packages contain bug fixes,
new features, and possibly incompatible changes.
Please see the following for more information:
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-39.html
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-40.html
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
mysql: Remote Preauth User Enumeration flaw
vendor_redhat·2012-12-01·CVSS 5.0
CVE-2012-5615 [MEDIUM] CWE-209 mysql: Remote Preauth User Enumeration flaw
mysql: Remote Preauth User Enumeration flaw
Oracle MySQL 5.5.38 and earlier, 5.6.19 and earlier, and MariaDB 5.5.28a, 5.3.11, 5.2.13, 5.1.66, and possibly other versions, generates different error messages with different time delays depending on whether a user name exists, which allows remote attackers to enumerate valid usernames.
Package: mysql (Red Hat Enterprise Linux 6) - Under investigation
GHSA
GHSA-7ccw-fmfw-7xm6: Oracle MySQL 5
ghsa_unreviewed·2022-05-17
CVE-2012-5615 [MEDIUM] CWE-200 GHSA-7ccw-fmfw-7xm6: Oracle MySQL 5
Oracle MySQL 5.5.38 and earlier, 5.6.19 and earlier, and MariaDB 5.5.28a, 5.3.11, 5.2.13, 5.1.66, and possibly other versions, generates different error messages with different time delays depending on whether a user name exists, which allows remote attackers to enumerate valid usernames.
OSV
CVE-2012-5615: Oracle MySQL 5
osv·2012-12-03·CVSS 5.0
CVE-2012-5615 [MEDIUM] CVE-2012-5615: Oracle MySQL 5
Oracle MySQL 5.5.38 and earlier, 5.6.19 and earlier, and MariaDB 5.5.28a, 5.3.11, 5.2.13, 5.1.66, and possibly other versions, generates different error messages with different time delays depending on whether a user name exists, which allows remote attackers to enumerate valid usernames.
No detection rules found.
Exploit-DB
MySQL - Remote User Enumeration
exploitdb·2012-12-02
CVE-2012-5615 MySQL - Remote User Enumeration
MySQL - Remote User Enumeration
---
# MySQL User Account Enumeration Utility
# When an attacker authenticates using an incorrect password
# with the old authentication mechanism from mysql 4.x and below to a mysql 5.x server
# the mysql server will respond with a different message than Access Denied, what makes
# User Account Enumeration possible.
# The Downside is that the attacker has to reconnect for each user enumeration attempt
#20000 user accounts in 7 minutes
#Mon Jan 16 09:00:18 UTC 2012
#Mon Jan 16 09:07:26 UTC 2012
#root@vs2067037:~# wc -l MEDIUM.LST
#21109 MEDIUM.LST
#A usernames.txt wordlist is included in this package
#examples:
#root@vs2067037:~# perl mysqlenum.pl host usernames.txt
#
#[*] HIT! -- USER EXISTS: administrator@host
#
#root@vs2067037:~# perl mysqlenum.pl host u
Exploit-DB
MySQL 5.1/5.5 (Windows) - 'MySQLJackpot' Remote Command Execution
exploitdb·2012-12-02
CVE-2012-5615 MySQL 5.1/5.5 (Windows) - 'MySQLJackpot' Remote Command Execution
MySQL 5.1/5.5 (Windows) - 'MySQLJackpot' Remote Command Execution
---
***
FARLiGHT ELiTE HACKERS LEGACY R3L3ASE
***
Attached is the MySQL Windows Remote Exploit (post-auth, udf
technique) including the previously released mass scanner.
The exploit is mirrored at the farlight website http://www.farlight.org.
Oracle MySQL on Windows Remote SYSTEM Level Exploit zeroday
All owned By Kingcope
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/23073.tar.gz
Installation Instructions
1. Install mysql client libraries and headers (UNIX)
RedHat based (e.g. CentOS):
yum install mysql mysql-devel
2. Compile the standalone exploit
issue commands:
gcc mysqljackpot.c -o mysqljackpot -L/usr/lib/mysql -lmysqlclient
3. Compile the reverse shell payload (this is require
http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00000.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.htmlhttp://seclists.org/fulldisclosure/2012/Dec/9http://secunia.com/advisories/53372http://security.gentoo.org/glsa/glsa-201308-06.xmlhttp://www.mandriva.com/security/advisories?name=MDVSA-2013:102http://www.openwall.com/lists/oss-security/2012/12/02/3http://www.openwall.com/lists/oss-security/2012/12/02/4http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.htmlhttp://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.htmlhttps://mariadb.atlassian.net/browse/MDEV-3909http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00000.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.htmlhttp://seclists.org/fulldisclosure/2012/Dec/9http://secunia.com/advisories/53372http://security.gentoo.org/glsa/glsa-201308-06.xmlhttp://www.mandriva.com/security/advisories?name=MDVSA-2013:102http://www.openwall.com/lists/oss-security/2012/12/02/3http://www.openwall.com/lists/oss-security/2012/12/02/4http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.htmlhttp://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.htmlhttps://mariadb.atlassian.net/browse/MDEV-3909
2012-12-03
Published