MySQL Authenticatio Protocol Design Flaw and Atack - I. Arce, A. Azubel, E. Kargieman, G. Richarte, C. Sarraute and A. Waissbein
January 24, 2002
ABSTRACT
The MySQL challenge and response authentication protocol is proven insecure. Sensitive information is shown to be leaked during each execution of this protocol. We present an algorithm exploiting this vulnerability that enables a passive attacker to impersonate a valid user after witnessing a small number of protocol executions.
The paper concludes with statistical information and some effciency and effectiveness estimates.
--
There is also a Bugtrtaq advisory available from our site dating on October 2000.