CVE-2012-2122 PoC — MySQL/MariaDB安全绕过漏洞

Source

https://github.com/Avinza/CVE-2012-2122-scanner

Associated Vulnerability

Title:MySQL/MariaDB安全绕过漏洞 (CVE-2012-2122)
Description:MariaDB是美国Monty Program Ab公司和美国MariaDB基金会共同开发的一套免费开源的数据库管理系统，也是一个采用Maria存储引擎的MySQL分支版本。 MariaDB和MySQL在用户验证的处理上存在漏洞。攻击者可利用该漏洞绕过某些安全限制，也可能导致攻击者无需知道正确口令就能登录到MySQL服务器。MariaDB 5.1.62，5.2.12，5.3.6和5.5.23之前版本，MySQL 5.1.63、5.5.24、5.6.6之前版本中存在该漏洞。

Description

This is used to scan for CVE-2012-2122 vulnerable servers.

Readme

Usage:
php scanner.php 10.0.0.1/18 [block in cidr notation] 

Requirements:
        php5-cli

File Snapshot


 [4.0K]  /data/pocs/115d004860c0aad26a08d1fd97006ee80cd8dede
├── [  93]  README.md
└── [2.3K]  scan.php

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!