33 matches found
TYPO3 Extension Faceted Search 代码问题漏洞
TYPO3 Extension Faceted Search is an open-source extension for TYPO3 that enables faceted searching. TYPO3 Extension Faceted Search has code-related vulnerabilities. These vulnerabilities stem from the OOXML parsing in the file indexer, where external entity parsing is not disabled. This could...
EUVD-2012-4383
Malware in sbrugna...
SUSE CVE-2008-4098
MySQL before 5.0.67 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified 1 DATA DIRECTORY or 2 INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time a...
SUSE CVE-2008-4097
MySQL 5.0.51a allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified 1 DATA DIRECTORY or 2 INDEX DIRECTORY arguments that are associated with symlinks within pathnames for subdirectories of the MySQL home data directory, which are followed wh...
SUSE CVE-2009-4030
MySQL 5.1.x before 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified 1 DATA DIRECTORY or 2 INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future...
Authorization Bypass
mysql is vulnerable to authorization bypass. The vulnerability exists as it was discovered that the Red Hat Security Advisory RHSA-2008:0505, for Red Hat Application Stack v2.1, provided an incomplete fix for the flaw where MySQL did not correctly check directories used as arguments for the DATA...
MySQL Privilege Escalation Vulnerability - Windows
MySQL is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mysql:mysql"; ifdescripti...
MySQL Privilege Escalation Vulnerability - Linux
MySQL is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mysql:mysql"; ifdescripti...
Oracle Linux 4 : mysql (ELSA-2010-0110)
From Red Hat Security Advisory 2010:0110 : Updated mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. MySQL is a multi-user, multi-threaded SQL...
mysql: regression of CVE-2009-4030
MySQL 5.0.88, and possibly other versions and platforms, allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified 1 DATA DIRECTORY or 2 INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point...
PT-2012-5408 · Oracle +1 · Mysql Server +1
Name of the Vulnerable Software and Affected Versions: MySQL versions 5.0.88 and possibly other versions Description: The issue allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified DATA DIRECTORY or INDEX DIRECTORY arguments. These argument...
MySQL < 5.0.88 / 5.1.42 / 5.5.0 / 6.0.14 MyISAM CREATE TABLE Privilege Check Bypass
The version of MySQL installed on the remote host is earlier than 5.0.88 / 5.1.42 / 5.5.0 / 6.0.14 and thus reportedly allows a local user to circumvent privileges through creation of MyISAM tables using the 'DATA DIRECTORY' and 'INDEX DIRECTORY' options to overwrite existing table files in the...
Privilege escalation vulnerability when administrator access is compromised
panel:borderColor=ff0000|borderStyle=solid|bgColor=ffccccNote: This issue is superceded by JRA-21004. Please install the patches on that issue, rather than this one. For more details, see JIRA Security Advisory -...
mysql: Incomplete fix for CVE-2008-2079 / CVE-2008-4098
MySQL 5.1.x before 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified 1 DATA DIRECTORY or 2 INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future...
mysql: incomplete upstream fix for CVE-2008-2079
MySQL before 5.0.67 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified 1 DATA DIRECTORY or 2 INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time a...
mysql: Incomplete fix for CVE-2008-2079 / CVE-2008-4098
MySQL 5.1.x before 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified 1 DATA DIRECTORY or 2 INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future...
Ubuntu: Security Advisory (USN-897-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2008-7247
CVE-2008-7247 affects MySQL in 5.0.x (up to 5.0.88), 5.1.x (up to 5.1.41), and 6.0 (before 6.0.9-alpha). The issue occurs when the data home directory contains a symlink to a different filesystem; remote authenticated users can bypass access restrictions by issuing CREATE TABLE with a (1) DATA DI...
SuSE9 Security Update : MySQL (YOU Patch Number 12175)
The database server mySQL was updated to fix two security problems : - MySQL allowed local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified 1 DATA DIRECTORY or 2 INDEX DIRECTORY arguments that are within the MySQL home data directory, which can poin...
mysql: privilege escalation via DATA/INDEX DIRECTORY directives
MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified 1 DATA DIRECTORY or 2 INDEX DIRECTORY arguments that are within the MySQL home data directory,...