Oracle MySQL < 5.1.18 Multiple Vulnerabilities

2007-05-17T00:00:00
ID 3993.PRM
Type nessus
Reporter Tenable
Modified 2019-03-06T00:00:00

Description

The version of MySQL installed on the remote host reportedly is affected by three issues :

  • A user can rename a table without having DROP privileges.

-If a stored routine is declared as 'SQL SECURITY INVOKER', a user may be able to gain privileges by invoking that routine.

-A user with only ALTER privileges on a partitioned table can discover information about the table that should require SELECT privileges.

                                        
                                            Binary data 3993.prm