| Revision Date: | 2013-04-29 | Version: | 12 |
| Title: | MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routines in the security context of the routine's definer instead of the routine's caller, which allows remote authenticated users to gain privileges through a routine that has been made available using GRANT EXECUTE. |
| Description: | MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routines in the security context of the routine's definer instead of the routine's caller, which allows remote authenticated users to gain privileges through a routine that has been made available using GRANT EXECUTE. |
| Family: | unix | Class: | vulnerability |
| Status: | ACCEPTED | Reference(s): | CVE-2006-4227
|
| Platform(s): | CentOS Linux 5
Oracle Linux 5
Red Hat Enterprise Linux 5
| Product(s): | |
| Definition Synopsis |
| RHEL5, CentOS5 or Oracle Linux 5 The operating system installed on the system is Red Hat Enterprise Linux 5
OR The operating system installed on the system is CentOS Linux 5.x
OR Oracle Linux 5.x
AND Configuration section
mysql is earlier than 0:5.0.45-7.el5
OR mysql-devel is earlier than 0:5.0.45-7.el5
OR mysql-test is earlier than 0:5.0.45-7.el5
OR mysql-bench is earlier than 0:5.0.45-7.el5
OR mysql-server is earlier than 0:5.0.45-7.el5
|