Back to search
CVE-2008-2079
Published: May 5, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are within the MySQL home data directory, which can point to tables that are created in the future.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-60.html
x_refsource_CONFIRM
SUSE-SR:2008:017
vendor-advisory
x_refsource_SUSE
USN-671-1
vendor-advisory
x_refsource_UBUNTU
mysql-myisam-security-bypass(42267)
vdb-entry
x_refsource_XF
1019995
vdb-entry
x_refsource_SECTRACK
31681
vdb-entry
x_refsource_BID
31687
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:10133
vdb-entry
signature
x_refsource_OVAL
31226
third-party-advisory
x_refsource_SECUNIA
RHSA-2009:1289
vendor-advisory
x_refsource_REDHAT
http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html
x_refsource_CONFIRM
RHSA-2008:0768
vendor-advisory
x_refsource_REDHAT
30134
third-party-advisory
x_refsource_SECUNIA
32769
third-party-advisory
x_refsource_SECUNIA
APPLE-SA-2009-09-10-2
vendor-advisory
x_refsource_APPLE
MDVSA-2008:149
vendor-advisory
x_refsource_MANDRIVA
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-24.html
x_refsource_CONFIRM
32222
third-party-advisory
x_refsource_SECUNIA
ADV-2008-1472
vdb-entry
x_refsource_VUPEN
31066
third-party-advisory
x_refsource_SECUNIA
http://support.apple.com/kb/HT3865
x_refsource_CONFIRM
http://dev.mysql.com/doc/refman/6.0/en/news-6-0-5.html
x_refsource_CONFIRM
36701
third-party-advisory
x_refsource_SECUNIA
RHSA-2008:0505
vendor-advisory
x_refsource_REDHAT
ADV-2008-2780
vdb-entry
x_refsource_VUPEN
29106
vdb-entry
x_refsource_BID
RHSA-2008:0510
vendor-advisory
x_refsource_REDHAT
http://bugs.mysql.com/bug.php?id=32167
x_refsource_CONFIRM
MDVSA-2008:150
vendor-advisory
x_refsource_MANDRIVA
DSA-1608
vendor-advisory
x_refsource_DEBIAN
36566
third-party-advisory
x_refsource_SECUNIA
APPLE-SA-2008-10-09
vendor-advisory
x_refsource_APPLE
http://support.apple.com/kb/HT3216
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now