Security researchers have released details about a vulnerability in the MySQL server that could allow potential attackers to access MySQL databases without inputting proper authentication credentials.

The vulnerability occurs only on *NIX based systems and Microsoft Windows systems are not affected by this vulnerability.

No official patch is available for MySQL 5.0.x, because that version of thedatabase server is no longer supported by Oracle. However, some Linux vendors might backport the patch from MySQL 5.1 or 5.5. This also affects people with personal blogs on private Linux hosts that use MySQL back-ends for web applications such as WordPress, Joomla and Drupal.

Any Internet accessible MySQL database is extremely vulnerable, and those in security circles are warning of a wave of attacks. To reduce the risk, configure your MySQL databases to accept connections from only authorised IP addresses and try not to allow any public IPs access to the databases.

Original article: MySQL Vulnerability Allows Attackers to Bypass Password Verification

©2025 Interxect Services Limited. All Rights Reserved.