CVE-2008-2079

medium

Description

MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are within the MySQL home data directory, which can point to tables that are created in the future.

References

http://bugs.mysql.com/bug.php?id=32167

http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html

http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-60.html

http://dev.mysql.com/doc/refman/5.1/en/news-5-1-24.html

http://dev.mysql.com/doc/refman/6.0/en/news-6-0-5.html

http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html

http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html

http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html

http://secunia.com/advisories/30134

http://secunia.com/advisories/31066

http://secunia.com/advisories/31226

http://secunia.com/advisories/31687

http://secunia.com/advisories/32222

http://secunia.com/advisories/32769

http://secunia.com/advisories/36566

http://secunia.com/advisories/36701

http://support.apple.com/kb/HT3216

http://support.apple.com/kb/HT3865

http://www.debian.org/security/2008/dsa-1608

http://www.mandriva.com/security/advisories?name=MDVSA-2008:149

http://www.mandriva.com/security/advisories?name=MDVSA-2008:150

http://www.redhat.com/support/errata/RHSA-2008-0505.html

http://www.redhat.com/support/errata/RHSA-2008-0510.html

http://www.redhat.com/support/errata/RHSA-2008-0768.html

http://www.redhat.com/support/errata/RHSA-2009-1289.html

http://www.securityfocus.com/bid/29106

http://www.securityfocus.com/bid/31681

http://www.securitytracker.com/id?1019995

http://www.ubuntu.com/usn/USN-671-1

http://www.vupen.com/english/advisories/2008/1472/references

http://www.vupen.com/english/advisories/2008/2780

https://exchange.xforce.ibmcloud.com/vulnerabilities/42267

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10133

Details

Source: MITRE

Published: 2008-05-05

Updated: 2019-12-17

Type: CWE-264

Risk Information

CVSS v2

Base Score: 4.6

Vector: AV:N/AC:H/Au:S/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 3.9

Severity: MEDIUM

Tenable Plugins

| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 67998 | Oracle Linux 4 : mysql (ELSA-2010-0110) | Nessus | Oracle Linux Local Security Checks | high |
| 67997 | Oracle Linux 5 : mysql (ELSA-2010-0109) | Nessus | Oracle Linux Local Security Checks | medium |
| 63890 | RHEL 5 : mysql (RHSA-2009:1289) | Nessus | Red Hat Local Security Checks | high |
| 60736 | Scientific Linux Security Update : mysql on SL5.x i386/x86_64 | Nessus | Scientific Linux Local Security Checks | medium |
| 60735 | Scientific Linux Security Update : mysql on SL4.x i386/x86_64 | Nessus | Scientific Linux Local Security Checks | high |
| 60655 | Scientific Linux Security Update : mysql on SL5.x i386/x86_64 | Nessus | Scientific Linux Local Security Checks | high |
| 60451 | Scientific Linux Security Update : mysql on SL4.x i386/x86_64 | Nessus | Scientific Linux Local Security Checks | medium |
| 44948 | CentOS 5 : mysql (CESA-2010:0109) | Nessus | CentOS Local Security Checks | medium |
| 44647 | CentOS 4 : mysql (CESA-2010:0110) | Nessus | CentOS Local Security Checks | high |
| 44635 | RHEL 4 : mysql (RHSA-2010:0110) | Nessus | Red Hat Local Security Checks | high |
| 44634 | RHEL 5 : mysql (RHSA-2010:0109) | Nessus | Red Hat Local Security Checks | medium |
| 43782 | CentOS 5 : mysql (CESA-2009:1289) | Nessus | CentOS Local Security Checks | high |
| 42900 | MySQL 5.1 < 5.1.41 Multiple Vulnerabilities | Nessus | Databases | medium |
| 801137 | MySQL < 5.1.41 Multiple Vulnerabilities | Log Correlation Engine | Database | medium |
| 5240 | Oracle MySQL < 5.1.41 Multiple Vulnerabilities | Nessus Network Monitor | Database | high |
| 41217 | SuSE9 Security Update : MySQL (YOU Patch Number 12175) | Nessus | SuSE Local Security Checks | medium |
| 40945 | Mac OS X Multiple Vulnerabilities (Security Update 2009-005) | Nessus | MacOS X Local Security Checks | critical |
| 37407 | Mandriva Linux Security Advisory : mysql (MDVSA-2008:149) | Nessus | Mandriva Local Security Checks | medium |
| 37299 | Ubuntu 6.06 LTS / 7.10 / 8.04 LTS : mysql-dfsg-5.0 vulnerabilities (USN-671-1) | Nessus | Ubuntu Local Security Checks | medium |
| 36561 | Mandriva Linux Security Advisory : mysql (MDVSA-2008:150) | Nessus | Mandriva Local Security Checks | high |
| 35279 | FreeBSD : mysql -- MyISAM table privileges security bypass vulnerability for symlinked paths (738f8f9e-d661-11dd-a765-0030843d3802) | Nessus | FreeBSD Local Security Checks | medium |
| 34727 | MySQL Enterprise Server 5.0 < 5.0.70 Privilege Bypass | Nessus | Databases | medium |
| 34374 | Mac OS X Multiple Vulnerabilities (Security Update 2008-007) | Nessus | MacOS X Local Security Checks | critical |
| 34159 | MySQL Community Server 5.0 < 5.0.67 Multiple Vulnerabilities | Nessus | Databases | high |
| 34151 | FreeBSD : mysql -- MyISAM table privileges security bypass vulnerability (388d9ee4-7f22-11dd-a66a-0019666436c2) | Nessus | FreeBSD Local Security Checks | medium |
| 34093 | GLSA-200809-04 : MySQL: Privilege bypass | Nessus | Gentoo Local Security Checks | medium |
| 33886 | SuSE 10 Security Update : MySQL (ZYPP Patch Number 5338) | Nessus | SuSE Local Security Checks | medium |
| 33885 | openSUSE 10 Security Update : libmysqlclient-devel (libmysqlclient-devel-5341) | Nessus | SuSE Local Security Checks | medium |
| 33585 | RHEL 4 : mysql (RHSA-2008:0768) | Nessus | Red Hat Local Security Checks | medium |
| 33492 | Debian DSA-1608-1 : mysql-dfsg-5.0 - authorization bypass | Nessus | Debian Local Security Checks | medium |
| 4499 | Oracle MySQL Enterprise Server 5.0 < 5.0.60 MyISAM Table Privilege Check Bypass | Nessus Network Monitor | Database | medium |
| 32138 | MySQL Enterprise Server 5.0 < 5.0.60 MyISAM CREATE TABLE Privilege Check Bypass | Nessus | Databases | low |
| 32137 | MySQL 4.1 < 4.1.24 MyISAM Create Table Privilege Check Bypass | Nessus | Databases | low |
| 4498 | Oracle MySQL 4.1 < 4.1.24 MyISAM Table Privilege Check Bypass | Nessus Network Monitor | Database | medium |
| 801152 | MySQL 4.1 < 4.1.24 MyISAM Table Privilege Check Bypass | Log Correlation Engine | Database | low |
| 801131 | MySQL Enterprise Server 5.0 < 5.0.60 MyISAM Table Privilege Check Bypass | Log Correlation Engine | Database | low |