Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:24048
HistoryApr 10, 2020 - 12:45 a.m.

Symlink Attack

2020-04-1000:45:08
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
20

EPSS

0.001

Percentile

31.1%

MySQL is vulnerable to symlink attack. A flaw was discovered in the way MySQL handled symbolic links to tables created using the DATA DIRECTORY and INDEX DIRECTORY directives in CREATE TABLE statements. An attacker with CREATE and DROP table privileges, and shell access to the database server, could use this flaw to remove data and index files of tables created by other database users using the MyISAM storage engine.