Oval Definition:oval:org.mitre.oval:def:10133
Revision Date:2013-04-29Version:12
Title:MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are within the MySQL home data directory, which can point to tables that are created in the future.
Description:MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are within the MySQL home data directory, which can point to tables that are created in the future.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2008-2079
Platform(s):CentOS Linux 4
CentOS Linux 5
Oracle Linux 4
Oracle Linux 5
Red Hat Enterprise Linux 4
Red Hat Enterprise Linux 5
Product(s):
Definition Synopsis
  • OS Section: RHEL4, CentOS4, Oracle Linux 4
  • RHEL4, CentOS4 or Oracle Linux 4
  • The operating system installed on the system is Red Hat Enterprise Linux 4
  • OR CentOS Linux 4.x
  • OR Oracle Linux 4.x
  • AND Configuration section
  • mysql is earlier than 0:4.1.22-2.el4
  • OR mysql-devel is earlier than 0:4.1.22-2.el4
  • OR mysql-bench is earlier than 0:4.1.22-2.el4
  • OR mysql-server is earlier than 0:4.1.22-2.el4
  • OR OS Section: RHEL5, CentOS5, Oracle Linux 5
  • RHEL5, CentOS5 or Oracle Linux 5
  • The operating system installed on the system is Red Hat Enterprise Linux 5
  • OR The operating system installed on the system is CentOS Linux 5.x
  • OR Oracle Linux 5.x
  • AND Configuration section
  • mysql is earlier than 0:5.0.77-3.el5
  • OR mysql-devel is earlier than 0:5.0.77-3.el5
  • OR mysql-test is earlier than 0:5.0.77-3.el5
  • OR mysql-bench is earlier than 0:5.0.77-3.el5
  • OR mysql-server is earlier than 0:5.0.77-3.el5
    • BACK