MySQL 5.0.18 Information Leak

This script is Copyright (C) 2012 Tenable Network Security, Inc.


Synopsis :

The remote database server is affected by an information leak
weakness.

Description :

The version of MySQL installed on the remote host allows local users
to read sensitive information via the following query :

SELECT * FROM information_schema.views


This issue is disputed. Some consider it as a normal behavior for an
SQL database.

See also :

http://www.securityfocus.com/archive/1/archive/1/423432/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/423228/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/423204/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/423180/30/7310/threaded
http://www.securityfocus.com/archive/1/archive/1/422491/100/0/threaded
http://www.securityfocus.com/archive/1/422698/100/0/threaded
http://www.securityfocus.com/archive/1/422592/100/0/threaded

Solution :

n/a

Risk factor :

Low / CVSS Base Score : 2.1
(CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N)

Family: Databases

Nessus Plugin ID: 17830 ()

Bugtraq ID:

CVE ID: CVE-2006-0369