Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The DBD::mysql module through 4.043 for Perl uses the mysql_ssl=1 setting to mean that SSL is optional (even though this setting's documentation has a "your communication with the server will be encrypted" statement), which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, a related issue to CVE-2015-3152.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Perl DBD::mysql模块安全漏洞
Vulnerability Description
Perl是美国程序员拉里-沃尔(Larry Wall)所研发的一种免费且功能强大的跨平台编程语言。DBD::mysql是用于其中的一个MySQL的Perl5数据库接口(Database Interface,DBI)驱动模块。 Perl DBD::mysql模块4.043及之前的版本中存在安全漏洞。攻击者可利用该漏洞实施中间人攻击,冒充可信的服务器。
CVSS Information
N/A
Vulnerability Type
N/A