Lucene search

[email protected]NVD:CVE-2004-0957

HistoryFeb 09, 2005 - 5:00 a.m.

CVE-2004-0957

2005-02-0905:00:00

[email protected]

web.nvd.nist.gov

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

6 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

28.6%

JSON

Unknown vulnerability in MySQL 3.23.58 and earlier, when a local user has privileges for a database whose name includes a “_” (underscore), grants privileges to other databases that have similar names, which can allow the user to conduct unauthorized activities.

Affected configurations

NVD

Node

openpkgopenpkgMatch2.1

openpkgopenpkgMatch2.2

openpkgopenpkgMatchcurrent

oraclemysqlMatch3.20

oraclemysqlMatch3.20.32a

oraclemysqlMatch3.21

oraclemysqlMatch3.22

oraclemysqlMatch3.22.26

oraclemysqlMatch3.22.27

oraclemysqlMatch3.22.28

oraclemysqlMatch3.22.29

oraclemysqlMatch3.22.30

oraclemysqlMatch3.22.32

oraclemysqlMatch3.23

oraclemysqlMatch3.23.2

oraclemysqlMatch3.23.3

oraclemysqlMatch3.23.4

oraclemysqlMatch3.23.5

oraclemysqlMatch3.23.8

oraclemysqlMatch3.23.9

oraclemysqlMatch3.23.10

oraclemysqlMatch3.23.22

oraclemysqlMatch3.23.23

oraclemysqlMatch3.23.24

oraclemysqlMatch3.23.25

oraclemysqlMatch3.23.26

oraclemysqlMatch3.23.27

oraclemysqlMatch3.23.28

oraclemysqlMatch3.23.28gamma

oraclemysqlMatch3.23.29

oraclemysqlMatch3.23.30

oraclemysqlMatch3.23.31

oraclemysqlMatch3.23.32

oraclemysqlMatch3.23.33

oraclemysqlMatch3.23.34

oraclemysqlMatch3.23.36

oraclemysqlMatch3.23.37

oraclemysqlMatch3.23.38

oraclemysqlMatch3.23.39

oraclemysqlMatch3.23.40

oraclemysqlMatch3.23.41

oraclemysqlMatch3.23.42

oraclemysqlMatch3.23.43

oraclemysqlMatch3.23.44

oraclemysqlMatch3.23.45

oraclemysqlMatch3.23.46

oraclemysqlMatch3.23.47

oraclemysqlMatch3.23.48

oraclemysqlMatch3.23.49

oraclemysqlMatch3.23.50

oraclemysqlMatch3.23.51

oraclemysqlMatch3.23.52

oraclemysqlMatch3.23.53

oraclemysqlMatch3.23.53a

oraclemysqlMatch3.23.54

oraclemysqlMatch3.23.54a

oraclemysqlMatch3.23.55

oraclemysqlMatch3.23.56

oraclemysqlMatch3.23.58

oraclemysqlMatch3.23.59

oraclemysqlMatch4.0.0

oraclemysqlMatch4.0.1

oraclemysqlMatch4.0.2

oraclemysqlMatch4.0.3

oraclemysqlMatch4.0.4

oraclemysqlMatch4.0.5

oraclemysqlMatch4.0.5a

oraclemysqlMatch4.0.6

oraclemysqlMatch4.0.7

oraclemysqlMatch4.0.7gamma

oraclemysqlMatch4.0.8

oraclemysqlMatch4.0.8gamma

oraclemysqlMatch4.0.9

oraclemysqlMatch4.0.9gamma

oraclemysqlMatch4.0.10

oraclemysqlMatch4.0.11

oraclemysqlMatch4.0.11gamma

oraclemysqlMatch4.0.12

oraclemysqlMatch4.0.13

oraclemysqlMatch4.0.14

oraclemysqlMatch4.0.15

oraclemysqlMatch4.0.18

oraclemysqlMatch4.0.20

Node

redhatenterprise_linuxMatch3.0advanced_server

redhatenterprise_linuxMatch3.0enterprise_server

redhatenterprise_linuxMatch3.0workstation_server

redhatenterprise_linux_desktopMatch3.0

susesuse_linuxMatch8.0

susesuse_linuxMatch8.1

susesuse_linuxMatch8.2

susesuse_linuxMatch9.0

susesuse_linuxMatch9.0x86_64

susesuse_linuxMatch9.1

susesuse_linuxMatch9.2

trustixsecure_linuxMatch1.5

trustixsecure_linuxMatch2.0

trustixsecure_linuxMatch2.1

ubuntuubuntu_linuxMatch4.1ia64

ubuntuubuntu_linuxMatch4.1ppc

References

distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000947

www.ciac.org/ciac/bulletins/p-018.shtml

www.debian.org/security/2005/dsa-707

www.mandriva.com/security/advisories?name=MDKSA-2005:070

www.redhat.com/support/errata/RHSA-2004-597.html

www.redhat.com/support/errata/RHSA-2004-611.html

exchange.xforce.ibmcloud.com/vulnerabilities/17783

www.ubuntu.com/usn/usn-32-1/

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

6 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

28.6%

JSON

Related for NVD:CVE-2004-0957

nessus10 openvas10 ubuntucve1 freebsd1 ubuntu2 cve1 cvelist1 debian2 osv1 redhat3