3 matches found
SUSE CVE-2008-2079
MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified 1 DATA DIRECTORY or 2 INDEX DIRECTORY arguments that are within the MySQL home data directory,...
GLSA-200809-04 : MySQL: Privilege bypass
The remote host is affected by the vulnerability described in GLSA-200809-04 MySQL: Privilege bypass Sergei Golubchik reported that MySQL imposes no restrictions on the specification of 'DATA DIRECTORY' or 'INDEX DIRECTORY' in SQL 'CREATE TABLE' statements. Impact : An authenticated remote attack...
MySQL: Privilege bypass
Background MySQL is a popular multi-threaded, multi-user SQL server. Description Sergei Golubchik reported that MySQL imposes no restrictions on the specification of "DATA DIRECTORY" or "INDEX DIRECTORY" in SQL "CREATE TABLE" statements. Impact An authenticated remote attacker could create MyISAM...