CVE-2001-1255

Description

WinMySQLadmin 1.1 stores the MySQL password in plain text in the my.ini file, which allows local users to obtain unathorized access the MySQL database.

Affected products

• mysql / winmysqladmin1.1 – 1.1
• oracle / mysql3.23 – 3.23

References

• MISChttp://www.iss.net/security_center/static/7206.php
• MISChttp://online.securityfocus.com/archive/1/217848
• MISChttp://www.securityfocus.com/bid/3381