MySQL < 5.0.51 RENAME TABLE Symlink System Table Overwrite

Low Log Correlation Engine Plugin ID 801146


The remote database server is susceptible to a local symlink attack.


The version of MySQL installed on the remote host reportedly fails to check whether a file to which a symlink points exists when using RENAME TABLE against a table with explicit DATA DIRECTORY and INDEX DIRECTORY options. A local attacker may be able to leverage this issue to overwrite system table information by replacing the file to which the symlink points.


Upgrade to version 5.0.51 or higher.

See Also,186931,186931

Plugin Details

Severity: Low

ID: 801146

File Name: 801146.prm

Family: Database

Nessus ID: 29251

Risk Information

Risk Factor: Low


Base Score: 2.6

Temporal Score: 2.1

Vector: CVSS2#AV:L/AC:H/Au:N/C:N/I:P/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Reference Information

CVE: CVE-2007-5969

BID: 26765