MySQL before 5.0.67 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL home data directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4097.
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480292#25
http://bugs.mysql.com/bug.php?id=32167
http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html
http://secunia.com/advisories/32578
http://secunia.com/advisories/32759
http://secunia.com/advisories/32769
http://secunia.com/advisories/38517
http://ubuntu.com/usn/usn-897-1
http://www.debian.org/security/2008/dsa-1662
http://www.mandriva.com/security/advisories?name=MDVSA-2009:094
http://www.openwall.com/lists/oss-security/2008/09/09/20
http://www.openwall.com/lists/oss-security/2008/09/16/3
http://www.redhat.com/support/errata/RHSA-2009-1067.html
http://www.redhat.com/support/errata/RHSA-2010-0110.html
http://www.ubuntu.com/usn/USN-1397-1
http://www.ubuntu.com/usn/USN-671-1
https://exchange.xforce.ibmcloud.com/vulnerabilities/45649
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10591
OR
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*
OR
OR
cpe:2.3:a:mysql:mysql:5.0.0:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:5.0.3:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:5.0.4:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:5.0.5:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:5.0.10:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:5.0.15:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:5.0.16:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:5.0.17:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:5.0.20:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:5.0.24:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:5.0.30:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:5.0.36:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:5.0.44:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:5.0.54:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:5.0.56:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:5.0.60:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:5.0.66:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.23:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.25:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.26:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.28:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.30:sp1:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.32:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.34:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.36:sp1:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.38:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.40:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.41:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.42:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.44:sp1:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.45:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.46:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.48:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.50:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.50:sp1:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.51:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.52:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.56:sp1:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.58:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.60:sp1:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.62:*:*:*:*:*:*:*
ID | Name | Product | Family | Severity |
---|---|---|---|---|
80705 | Oracle Solaris Third-Party Patch Update : mysql (multiple_vulnerabilities_in_mysql) | Nessus | Solaris Local Security Checks | medium |
67998 | Oracle Linux 4 : mysql (ELSA-2010-0110) | Nessus | Oracle Linux Local Security Checks | high |
67997 | Oracle Linux 5 : mysql (ELSA-2010-0109) | Nessus | Oracle Linux Local Security Checks | medium |
63890 | RHEL 5 : mysql (RHSA-2009:1289) | Nessus | Red Hat Local Security Checks | high |
60736 | Scientific Linux Security Update : mysql on SL5.x i386/x86_64 | Nessus | Scientific Linux Local Security Checks | medium |
60735 | Scientific Linux Security Update : mysql on SL4.x i386/x86_64 | Nessus | Scientific Linux Local Security Checks | high |
58325 | Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 / 11.10 : mysql-5.1, mysql-dfsg-5.0, mysql-dfsg-5.1 vulnerabilities (USN-1397-1) | Nessus | Ubuntu Local Security Checks | high |
57446 | GLSA-201201-02 : MySQL: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | high |
44948 | CentOS 5 : mysql (CESA-2010:0109) | Nessus | CentOS Local Security Checks | medium |
44647 | CentOS 4 : mysql (CESA-2010:0110) | Nessus | CentOS Local Security Checks | high |
44635 | RHEL 4 : mysql (RHSA-2010:0110) | Nessus | Red Hat Local Security Checks | high |
44634 | RHEL 5 : mysql (RHSA-2010:0109) | Nessus | Red Hat Local Security Checks | medium |
44585 | Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 / 9.10 : mysql-dfsg-5.0, mysql-dfsg-5.1 vulnerabilities (USN-897-1) | Nessus | Ubuntu Local Security Checks | high |
43782 | CentOS 5 : mysql (CESA-2009:1289) | Nessus | CentOS Local Security Checks | high |
43045 | Mandriva Linux Security Advisory : mysql (MDVSA-2009:326) | Nessus | Mandriva Local Security Checks | high |
41243 | SuSE9 Security Update : MySQL (YOU Patch Number 12256) | Nessus | SuSE Local Security Checks | medium |
40026 | openSUSE Security Update : libmysqlclient-devel (libmysqlclient-devel-210) | Nessus | SuSE Local Security Checks | medium |
37299 | Ubuntu 6.06 LTS / 7.10 / 8.04 LTS : mysql-dfsg-5.0 vulnerabilities (USN-671-1) | Nessus | Ubuntu Local Security Checks | medium |
36943 | Mandriva Linux Security Advisory : mysql (MDVSA-2009:094) | Nessus | Mandriva Local Security Checks | medium |
35279 | FreeBSD : mysql -- MyISAM table privileges security bypass vulnerability for symlinked paths (738f8f9e-d661-11dd-a765-0030843d3802) | Nessus | FreeBSD Local Security Checks | medium |
35248 | openSUSE 10 Security Update : libmysqlclient-devel (libmysqlclient-devel-5619) | Nessus | SuSE Local Security Checks | medium |
34985 | openSUSE 10 Security Update : mysql (mysql-5613) | Nessus | SuSE Local Security Checks | medium |
34765 | SuSE 10 Security Update : MySQL (ZYPP Patch Number 5618) | Nessus | SuSE Local Security Checks | medium |
4743 | Oracle MySQL Enterprise Server 5.0 < 5.0.70 Privilege Bypass | Nessus Network Monitor | Database | medium |
34727 | MySQL Enterprise Server 5.0 < 5.0.70 Privilege Bypass | Nessus | Databases | medium |
34700 | Debian DSA-1662-1 : mysql-dfsg-5.0 - authorization bypass | Nessus | Debian Local Security Checks | medium |
34159 | MySQL Community Server 5.0 < 5.0.67 Multiple Vulnerabilities | Nessus | Databases | high |
801141 | MySQL Enterprise Server 5.0 < 5.0.70 Privilege Bypass | Log Correlation Engine | Database | medium |