Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2009-4030
HistoryNov 30, 2009 - 5:30 p.m.

Privilege escalation

2009-11-3017:30:00
PRIOn knowledge base
www.prio-n.com
6

6.4 Medium

AI Score

Confidence

Low

4.4 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

8.3%

JSON

MySQL 5.1.x before 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079.

CPENameOperatorVersion
mysqleq5.1.23
mysqleq5.1.32
mysqleq5.1.5
mysqleq5.1
mysqleq5.1.1
mysqleq5.1.2
mysqleq5.1.3
mysqleq5.1.4
mysqleq5.1.6
mysqleq5.1.7
Rows per page:
1-10 of 261

References

Related

ubuntucve 6
cve 6
nessus 60
openvas 76
securityvulns 6
freebsd 2
oraclelinux 5
centos 4
ubuntu 3
redhat 8
seebug 3
veracode 4
gentoo 1
debian 5
prion 5
osv 3
redhatcve 1
suse 1
ubuntucve
ubuntucve
CVE-2009-4030
2009-11-30 00:00:00
CVE-2008-2079
2008-05-05 00:00:00
CVE-2008-4097
2008-09-18 00:00:00
cve
cve
CVE-2009-4030
2009-11-30 17:30:00
CVE-2008-2079
2008-05-05 16:20:00
CVE-2008-4097
2008-09-18 15:04:00
nessus
nessus
MySQL Enterprise Server 5.0 < 5.0.70 Privilege Bypass
2008-11-09 00:00:00
RHEL 5 : mysql (RHSA-2010:0109)
2010-02-17 00:00:00
Scientific Linux Security Update : mysql on SL4.x i386/x86_64
2012-08-01 00:00:00
openvas
openvas
CentOS Update for mysql CESA-2010:0110 centos4 i386
2010-02-19 00:00:00
Mandriva Update for mysql MDVSA-2010:011 (mysql)
2010-01-19 00:00:00
Mandriva Update for mysql MDVSA-2010:012 (mysql)
2010-01-19 00:00:00
securityvulns
securityvulns
[ MDVSA-2010:012 ] mysql
2010-01-19 00:00:00
MySQL privilege escalation
2008-11-10 00:00:00
[SECURITY] [DSA 1662-1] New mysql-dfsg-5.0 packages fix authorization bypass
2008-11-10 00:00:00
freebsd
freebsd
mysql -- MyISAM table privileges security bypass vulnerability for symlinked paths
2008-07-03 00:00:00
mysql -- MyISAM table privileges security bypass vulnerability
2008-05-05 00:00:00
oraclelinux
oraclelinux
mysql security update
2010-02-16 00:00:00
mysql security and bug fix update
2013-01-11 00:00:00
mysql security update
2010-02-16 00:00:00
centos
centos
mysql security update
2010-02-17 16:42:25
mysql security update
2013-01-09 20:34:31
mysql security update
2010-03-01 18:43:17
ubuntu
ubuntu
MySQL vulnerabilities
2008-11-17 00:00:00
MySQL vulnerabilities
2010-02-10 00:00:00
MySQL vulnerabilities
2012-03-12 00:00:00
redhat
redhat
(RHSA-2010:0110) Moderate: mysql security update
2010-02-16 00:00:00
(RHSA-2008:0510) Moderate: Red Hat Application Stack v1.3 security and enhancement update
2008-07-02 00:00:00
(RHSA-2013:0121) Low: mysql security and bug fix update
2013-01-08 00:00:00
seebug
seebug
MySQL MyISAM葨绕过权限检ζŸ₯漏洞
2008-05-12 00:00:00
MySQL MyISAM葨符号链ζŽ₯ζœ¬εœ°ζƒι™ζε‡ζΌζ΄ž
2009-12-02 00:00:00
MySQL vulnerabilities
2010-02-13 00:00:00
veracode
veracode
Privilege Escalation
2020-04-10 00:22:36
Privilege Escalation
2020-04-10 00:43:13
Authorization Bypass
2020-04-10 00:32:25
gentoo
gentoo
MySQL: Privilege bypass
2008-09-04 00:00:00
debian
debian
[SECURITY] [DSA 1608-1] New mysql-dfsg-5.0 packages fix authorization bypass
2008-07-13 04:55:16
[SECURITY] [DSA 1662-1] New mysql-dfsg-5.0 packages fix authorization bypass
2008-11-06 04:20:00
[SECURITY] [DSA 1662-1] New mysql-dfsg-5.0 packages fix authorization bypass
2008-11-06 04:20:00
prion
prion
Privilege escalation
2008-05-05 16:20:00
Privilege escalation
2012-10-09 23:55:00
Privilege escalation
2008-09-18 15:04:00
osv
osv
mysql-dfsg-5.0 - authorization bypass
2008-07-13 00:00:00
mysql-dfsg-5.0 - authorization bypass
2008-11-06 00:00:00
mysql-dfsg-5.0 - several vulnerabilities
2010-02-14 00:00:00
redhatcve
redhatcve
CVE-2008-4097
2015-10-30 10:30:27
suse
suse
remote code execution in openwsman
2008-08-14 18:02:43

6.4 Medium

AI Score

Confidence

Low

4.4 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

8.3%

JSON
Related for PRION:CVE-2009-4030
ubuntucve6cve6nessus60openvas76securityvulns6freebsd2oraclelinux5centos4ubuntu3redhat8seebug3veracode4gentoo1debian5prion5osv3redhatcve1suse1