Embedded Link
Security flaw in MySQL, MariaDB allows access with any password—just keep submitting it
When the latest release of MariaDB was announced in April by MontyProgram AB founder and MySQL creator Michael “Monty” Widenius, it came with a warning from Widenius that a severe security bug had been discovered in previous versions of both MariaDB and MySQL. Oracle subsequently released a patch for MySQL. Now the details of the flaw, and the extent of the vulnerability, have been revealed: it could allow anyone who knows a valid user account on…