Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Oracle MySQL < 5.1.18 Multiple Vulnerabilities

Medium

Synopsis

The remote database server is affected by multiple vulnerabilities.

Description

The version of MySQL installed on the remote host reportedly is affected by three issues :

- A user can rename a table without having DROP privileges.

-If a stored routine is declared as 'SQL SECURITY INVOKER', a user may be able to gain privileges by invoking that routine.

-A user with only ALTER privileges on a partitioned table can discover information about the table that should require SELECT privileges.

Solution

Upgrade to version 5.1.18 or higher.