CVSS2 score: 4.6 Medium
Access Vector: NETWORK
Access Complexity: HIGH
Authentication: SINGLE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
CVSS2 vector: AV:N/AC:H/Au:S/C:P/I:P/A:P
MySQL is vulnerable to privilege escalation. The vulnerability exists because MySQL did not correctly check the directories passed as arguments to the DATA DIRECTORY and INDEX DIRECTORY directives. Using this flaw, an authenticated attacker could elevate their access privileges to tables created by other database users. Note: this attack does not work on existing tables. An attacker can only elevate their access to another user's tables as the tables are created. In addition, the names of these created tables need to be predicted correctly for the attack to succeed.