Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Oracle MySQL 4.1 < 4.1.24 MyISAM Table Privilege Check Bypass

Medium

Synopsis

The remote database server allows a local user to circumvent privileges.

Description

The version of MySQL installed on the remote host reportedly allows a local user to circumvent privileges through creation of MyISAM tables using the 'DATA DIRECTORY' and 'INDEX DIRECTORY' options to overwrite existing table files in the application's data directory.

Solution

Upgrade to version 4.1.24 or higher.