Oval Definition:oval:org.mitre.oval:def:442
Revision Date:2010-09-20Version:22
Title:MYSQL Privilege Escalation Vulnerability via INFO OUTFILE Select
Description:MySQL 3.23.55 and earlier creates world-writeable files and allows mysql users to gain root privileges by using the "SELECT * INFO OUTFILE" operator to overwrite a configuration file and cause mysql to run as root upon restart, as demonstrated by modifying my.cnf.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2003-0150
Platform(s):Red Hat Linux 9
Product(s):MySQL
Definition Synopsis
  • Software section
  • Red Hat 9 is installed
  • AND ix86 architecture
  • AND mysql-server version is less than 3.23.56-1.9
  • AND Configuration section
  • mysqld is listening to the network
    • BACK