MySQL 5.0.51a allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are associated with symlinks within pathnames for subdirectories of the MySQL home data directory, which are followed when tables are created in the future. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-2079.
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480292#25
http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html
http://secunia.com/advisories/32759
http://secunia.com/advisories/32769
http://www.mandriva.com/security/advisories?name=MDVSA-2009:094
http://www.openwall.com/lists/oss-security/2008/09/09/20
http://www.openwall.com/lists/oss-security/2008/09/16/3
ID | Name | Product | Family | Severity |
---|---|---|---|---|
67998 | Oracle Linux 4 : mysql (ELSA-2010-0110) | Nessus | Oracle Linux Local Security Checks | high |
63890 | RHEL 5 : mysql (RHSA-2009:1289) | Nessus | Red Hat Local Security Checks | high |
17812 | MySQL < 5.0.88 / 5.1.42 / 5.5.0 / 6.0.14 MyISAM CREATE TABLE Privilege Check Bypass | Nessus | Databases | medium |
57446 | GLSA-201201-02 : MySQL: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | high |
44647 | CentOS 4 : mysql (CESA-2010:0110) | Nessus | CentOS Local Security Checks | high |
44635 | RHEL 4 : mysql (RHSA-2010:0110) | Nessus | Red Hat Local Security Checks | high |
43782 | CentOS 5 : mysql (CESA-2009:1289) | Nessus | CentOS Local Security Checks | high |
41243 | SuSE9 Security Update : MySQL (YOU Patch Number 12256) | Nessus | SuSE Local Security Checks | medium |
40026 | openSUSE Security Update : libmysqlclient-devel (libmysqlclient-devel-210) | Nessus | SuSE Local Security Checks | medium |
37299 | Ubuntu 6.06 LTS / 7.10 / 8.04 LTS : mysql-dfsg-5.0 vulnerabilities (USN-671-1) | Nessus | Ubuntu Local Security Checks | medium |
36943 | Mandriva Linux Security Advisory : mysql (MDVSA-2009:094) | Nessus | Mandriva Local Security Checks | medium |
35279 | FreeBSD : mysql -- MyISAM table privileges security bypass vulnerability for symlinked paths (738f8f9e-d661-11dd-a765-0030843d3802) | Nessus | FreeBSD Local Security Checks | medium |
35248 | openSUSE 10 Security Update : libmysqlclient-devel (libmysqlclient-devel-5619) | Nessus | SuSE Local Security Checks | medium |
34985 | openSUSE 10 Security Update : mysql (mysql-5613) | Nessus | SuSE Local Security Checks | medium |
34765 | SuSE 10 Security Update : MySQL (ZYPP Patch Number 5618) | Nessus | SuSE Local Security Checks | medium |