PROBLEM:
A security issue and vulnerability have been reported in MySQL
PLATFORM:
MySQL 5.x
ABSTRACT:
An error when verifying authentication attempts can be exploited to bypass the authentication mechanism.
Reference LINKS:
Original Advisory
CVE-2012-2122
Secunia Advisory 49409
IMPACT ASSESSMENT:
High
Discussion:
Successful exploitation of this vulnerability requires MySQL to be built on a system with a library that allows "memcmp()" to return a value outside of the -128 through 127 range (e.g. sse-optimized glibc). NOTE: Vendor binaries are reportedly not affected.
The security issue is reported in versions prior to 5.1.63 and 5.5.25.
Impact:
Security Bypass
Solution:
Update to version 5.1.63 or 5.5.25.