CVSS2: 4.4 Medium
Access Vector: LOCAL
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P
MySQL is vulnerable to privilege escalation. When the "datadir" option was configured with a relative path, MySQL did not properly check paths used as arguments for the DATA DIRECTORY and INDEX DIRECTORY directives. An authenticated attacker could use this flaw to bypass the restriction that prevents subdirectories of the MySQL data directory from being used as DATA DIRECTORY and INDEX DIRECTORY paths.
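An audit sketch for the condition described above, added here as an example and not taken from MySQL or from this advisory: it flags a relative `datadir` in the `[mysqld]` section and any DATA DIRECTORY or INDEX DIRECTORY clause in a schema dump that resolves inside the data directory. The function names, the `server_cwd` parameter and the sample inputs are assumptions made for the illustration.

```python
import posixpath
import re

# Matches DATA DIRECTORY / INDEX DIRECTORY table options and captures the path.
DIR_CLAUSE = re.compile(r"\b(DATA|INDEX)\s+DIRECTORY\s*=?\s*'([^']+)'", re.I)

def read_datadir(cnf_text):
    """Return the last datadir value set in the [mysqld] section, or None."""
    section, value = None, None
    for raw in cnf_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
        elif section == "mysqld" and "=" in line:
            key, val = line.split("=", 1)
            if key.strip().lower() == "datadir":
                value = val.strip().strip("'\"")
    return value

def audit(cnf_text, ddl_text, server_cwd):
    """Return (kind, detail) findings. server_cwd is the directory a relative
    datadir is resolved against (an assumption of this example)."""
    findings = []
    datadir = read_datadir(cnf_text)
    if datadir is None:
        return findings
    if not posixpath.isabs(datadir):
        findings.append(("relative-datadir", datadir))
    # Compare normalized absolute paths, never the raw strings.
    # normpath does not resolve symlinks; on a live host use os.path.realpath.
    root = posixpath.normpath(posixpath.join(server_cwd, datadir))
    for kind, path in DIR_CLAUSE.findall(ddl_text):
        target = posixpath.normpath(posixpath.join(root, path))
        if posixpath.commonpath([target, root]) == root:
            findings.append((kind.upper() + "-inside-datadir", target))
    return findings

# Constructed sample input, not taken from a real system.
SAMPLE_CNF = "[client]\nport = 3306\n[mysqld]\n# relative path\ndatadir = ./data\n"
SAMPLE_DDL = """
CREATE TABLE t1 (a INT) ENGINE=MyISAM
  DATA DIRECTORY='/var/lib/mysql/data/otherdb' INDEX DIRECTORY='/srv/mysql-index';
CREATE TABLE t2 (a INT) ENGINE=MyISAM
  DATA DIRECTORY = '/var/lib/mysql/./data/../data/otherdb';
"""

if __name__ == "__main__":
    for finding in audit(SAMPLE_CNF, SAMPLE_DDL, "/var/lib/mysql"):
        print(finding)
```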
bugs.mysql.com/bug.php?id=32167
dev.mysql.com/doc/refman/5.0/en/symbolic-links-to-tables.html
dev.mysql.com/doc/refman/5.1/en/news-5-1-41.html
lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
lists.mysql.com/commits/89940
lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html
lists.opensuse.org/opensuse-security-announce/2010-11/msg00005.html
marc.info/?l=oss-security&m=125908040022018&w=2
marc.info/?l=oss-security&m=125908080222685&w=2
secunia.com/advisories/38517
secunia.com/advisories/38573
support.apple.com/kb/HT4077
ubuntu.com/usn/usn-897-1
www.debian.org/security/2010/dsa-1997
www.openwall.com/lists/oss-security/2009/11/19/3
www.openwall.com/lists/oss-security/2009/11/24/6
www.redhat.com/security/updates/classification/#moderate
www.redhat.com/support/errata/RHSA-2010-0109.html
www.redhat.com/support/errata/RHSA-2010-0110.html
www.ubuntu.com/usn/USN-1397-1
www.vupen.com/english/advisories/2010/1107
access.redhat.com/errata/RHSA-2010:0109
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11116
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8156