CVE-2006-1451
Summary
| CVE | CVE-2006-1451 |
|---|---|
| State | PUBLISHED |
| Assigner | mitre |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2006-05-12 21:02:00 UTC |
| Updated | 2025-04-03 01:03:51 UTC |
| Description | MySQL Manager in Apple Mac OS X 10.3.9 and 10.4.6, when setting up a new MySQL database server, does not use the "New MySQL root password" that is provided, which causes the MySQL root password to be blank and allows local users to gain full privileges to that database. |
Risk And Classification
Primary CVSS: v2.0 7.2 from [email protected]
AV:L/AC:L/Au:N/C:C/I:C/A:C
EPSS: 0.000700000 probability, percentile 0.212530000 (date 2026-04-20)
Problem Types: NVD-CWE-Other | n/a
CVSS v2.0 Breakdown
Access Vector
LocalAccess Complexity
LowAuthentication
NoneConfidentiality
CompleteIntegrity
CompleteAvailability
CompleteAV:L/AC:L/Au:N/C:C/I:C/A:C
NVD Known Affected Configurations (CPE 2.3)
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| www.osvdb.org/25595 | af854a3a-2127-422b-91ae-364da2661108 | www.osvdb.org | |
| US-CERT Technical Cyber Security Alert TA06-132A -- Apple Mac Products Affected by Multiple Vulnerabilities | af854a3a-2127-422b-91ae-364da2661108 | www.us-cert.gov | US Government Resource |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | af854a3a-2127-422b-91ae-364da2661108 | www.vupen.com | |
| Mac OS X Security Update Fixes Multiple Vulnerabilities - Advisories - Secunia | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | |
| Apple Mac OS X Security Update 2006-003 Multiple Vulnerabilities | af854a3a-2127-422b-91ae-364da2661108 | www.securityfocus.com | |
| IBM X-Force Exchange | af854a3a-2127-422b-91ae-364da2661108 | exchange.xforce.ibmcloud.com | |
| APPLE-SA-2006-05-11 Security Update 2006-003 | af854a3a-2127-422b-91ae-364da2661108 | lists.apple.com | Patch |
| Apple MySQL Manager Database Initialization Bug May Let Local Users Access the Database - SecurityTracker | af854a3a-2127-422b-91ae-364da2661108 | securitytracker.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.