Back to search
CVE-2004-0835
Published: Oct 16, 2004
Modified: Aug 8, 2024
PUBLISHED
Description
MySQL 3.x before 3.23.59, 4.x before 4.0.19, 4.1.x before 4.1.2, and 5.x before 5.0.1, checks the CREATE/INSERT rights of the original table instead of the target table in an ALTER TABLE RENAME operation, which could allow attackers to conduct unauthorized activities.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://bugs.mysql.com/bug.php?id=3270
x_refsource_MISC
http://www.mysql.org/doc/refman/4.1/en/news-4-1-2.html
x_refsource_CONFIRM
RHSA-2004:611
vendor-advisory
x_refsource_REDHAT
12783
third-party-advisory
x_refsource_SECUNIA
DSA-562
vendor-advisory
x_refsource_DEBIAN
101864
vendor-advisory
x_refsource_SUNALERT
11357
vdb-entry
x_refsource_BID
CLA-2004:892
vendor-advisory
x_refsource_CONECTIVA
http://www.mysql.org/doc/refman/4.1/en/news-4-0-19.html
x_refsource_CONFIRM
mysql-alter-restriction-bypass(17666)
vdb-entry
x_refsource_XF
RHSA-2004:597
vendor-advisory
x_refsource_REDHAT
P-018
third-party-advisory
government-resource
x_refsource_CIAC
GLSA-200410-22
vendor-advisory
x_refsource_GENTOO
2004-0054
vendor-advisory
x_refsource_TRUSTIX
http://lists.mysql.com/internals/13073
x_refsource_MISC
1011606
vdb-entry
x_refsource_SECTRACK
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now