CVE-2009-4030

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

MySQL 5.1.x before 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079.

References

http://bugs.mysql.com/bug.php?id=32167

http://dev.mysql.com/doc/refman/5.1/en/news-5-1-41.html

http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html

http://lists.mysql.com/commits/89940

http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html

http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00005.html

http://marc.info/?l=oss-security&m=125908040022018&w=2

http://marc.info/?l=oss-security&m=125908080222685&w=2

http://secunia.com/advisories/38517

http://secunia.com/advisories/38573

http://support.apple.com/kb/HT4077

http://ubuntu.com/usn/usn-897-1

http://www.debian.org/security/2010/dsa-1997

http://www.openwall.com/lists/oss-security/2009/11/19/3

http://www.openwall.com/lists/oss-security/2009/11/24/6

http://www.redhat.com/support/errata/RHSA-2010-0109.html

http://www.redhat.com/support/errata/RHSA-2010-0110.html

http://www.ubuntu.com/usn/USN-1397-1

http://www.vupen.com/english/advisories/2010/1107

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11116

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8156

Details

Source: MITRE

Published: 2009-11-30

Updated: 2019-12-17

Type: CWE-59

Risk Information

CVSS v2

Base Score: 4.4

Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 3.4

Severity: MEDIUM

Tenable Plugins

View all (28 total)

IDNameProductFamilySeverity
67998Oracle Linux 4 : mysql (ELSA-2010-0110)NessusOracle Linux Local Security Checks
high
67997Oracle Linux 5 : mysql (ELSA-2010-0109)NessusOracle Linux Local Security Checks
medium
63599Scientific Linux Security Update : mysql on SL5.x i386/x86_64 (20130108)NessusScientific Linux Local Security Checks
medium
62927MySQL 5.0.95 MyISAM Table Symbolic Link Local Restriction BypassNessusDatabases
medium
60736Scientific Linux Security Update : mysql on SL5.x i386/x86_64NessusScientific Linux Local Security Checks
medium
60735Scientific Linux Security Update : mysql on SL4.x i386/x86_64NessusScientific Linux Local Security Checks
high
58325Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 / 11.10 : mysql-5.1, mysql-dfsg-5.0, mysql-dfsg-5.1 vulnerabilities (USN-1397-1)NessusUbuntu Local Security Checks
high
50935SuSE 11 Security Update : MySQL (SAT Patch Number 2317)NessusSuSE Local Security Checks
medium
50523SuSE9 Security Update : MySQL (YOU Patch Number 12661)NessusSuSE Local Security Checks
medium
49903SuSE 10 Security Update : MySQL (ZYPP Patch Number 6899)NessusSuSE Local Security Checks
high
48166Mandriva Linux Security Advisory : mysql (MDVSA-2010:012)NessusMandriva Local Security Checks
medium
46235openSUSE Security Update : libmysqlclient-devel (openSUSE-SU-2010:0198-2)NessusSuSE Local Security Checks
medium
46232openSUSE Security Update : libmysqlclient-devel (openSUSE-SU-2010:0198-2)NessusSuSE Local Security Checks
medium
46229openSUSE Security Update : libmysqlclient-devel (openSUSE-SU-2010:0198-2)NessusSuSE Local Security Checks
medium
46220openSUSE Security Update : libmysqlclient-devel (openSUSE-SU-2010:0198-1)NessusSuSE Local Security Checks
medium
46219openSUSE Security Update : libmysqlclient-devel (openSUSE-SU-2010:0198-1)NessusSuSE Local Security Checks
medium
46218openSUSE Security Update : libmysqlclient-devel (openSUSE-SU-2010:0198-1)NessusSuSE Local Security Checks
medium
5489Mac OS X < 10.6.3 Multiple VulnerabilitiesNessus Network MonitorGeneric
critical
45372Mac OS X 10.6.x < 10.6.3 Multiple VulnerabilitiesNessusMacOS X Local Security Checks
critical
45107SuSE 10 Security Update : MySQL (ZYPP Patch Number 6897)NessusSuSE Local Security Checks
high
44948CentOS 5 : mysql (CESA-2010:0109)NessusCentOS Local Security Checks
medium
44861Debian DSA-1997-1 : mysql-dfsg-5.0 - several vulnerabilitiesNessusDebian Local Security Checks
high
44647CentOS 4 : mysql (CESA-2010:0110)NessusCentOS Local Security Checks
high
44635RHEL 4 : mysql (RHSA-2010:0110)NessusRed Hat Local Security Checks
high
44634RHEL 5 : mysql (RHSA-2010:0109)NessusRed Hat Local Security Checks
medium
44585Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 / 9.10 : mysql-dfsg-5.0, mysql-dfsg-5.1 vulnerabilities (USN-897-1)NessusUbuntu Local Security Checks
high
44043Mandriva Linux Security Advisory : mysql (MDVSA-2010:011)NessusMandriva Local Security Checks
medium
42900MySQL 5.1 < 5.1.41 Multiple VulnerabilitiesNessusDatabases
medium