MySQL-GUI-tools CVE-2010-4177 Local Information Disclosure Vulnerability

MySQL-GUI-tools is prone to a local remote information-disclosure vulnerability.

Local attackers may exploit this issue to obtain sensitive information, such as credentials, that may aid in further attacks.

Information

Bugtraq ID: 97959
Class: Design Error
CVE: CVE-2010-4177

Remote: No
Local: Yes
Published: Nov 18 2010 12:00AM
Updated: Nov 18 2010 12:00AM
Credit: Martin Drescher
Vulnerable: Oracle MySQL-GUI-tools 0

Not Vulnerable:

Exploit

Attackers require local interactive access to an affected computer to exploit this issue.

References:

Bug 655018 CVE-2010-4177 CVE-2010-4178 mysql-gui-tools various flaws (Redhat)
MySQL Home Page (MySQL)
Bug 655015 CVE-2010-4177 mysql-gui-tools (mysql-query-browser): Clear text pass (Redhat)
Clear text password in process list when using MySQL GUI tools (Openwall)

Source: www.securityfocus.com

Exploit Collector

Search Exploit