Oval Definition:	oval:org.mitre.oval:def:10105
Revision Date: 2013-04-29 Version: 12 Title: MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routines in the security context of the routine's definer instead of the routine's caller, which allows remote authenticated users to gain privileges through a routine that has been made available using GRANT EXECUTE. Description: MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routines in the security context of the routine's definer instead of the routine's caller, which allows remote authenticated users to gain privileges through a routine that has been made available using GRANT EXECUTE. Family: unix Class: vulnerability Status: ACCEPTED Reference(s): CVE-2006-4227 Platform(s): CentOS Linux 5 Oracle Linux 5 Red Hat Enterprise Linux 5 Product(s): Definition Synopsis RHEL5, CentOS5 or Oracle Linux 5 The operating system installed on the system is Red Hat Enterprise Linux 5 OR The operating system installed on the system is CentOS Linux 5.x OR Oracle Linux 5.x AND Configuration section mysql is earlier than 0:5.0.45-7.el5 OR mysql-devel is earlier than 0:5.0.45-7.el5 OR mysql-test is earlier than 0:5.0.45-7.el5 OR mysql-bench is earlier than 0:5.0.45-7.el5 OR mysql-server is earlier than 0:5.0.45-7.el5
BACK