Vulnerability Name: | CVE-2007-2691 (CCN-34347) |
Assigned: | 2007-05-16 |
Published: | 2007-05-16 |
Updated: | 2018-10-19 |
Summary: | MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables. |
CVSS v3 Severity: | 4.6 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L) |
Exploitability Metrics: | Attack Vector (AV): Network; Attack Complexity (AC): Low; Privileges Required (PR): Low; User Interaction (UI): Required |
Scope: | Scope (S): Unchanged |
Impact Metrics: | Confidentiality (C): None; Integrity (I): Low; Availability (A): Low |
CVSS v2 Severity: | 4.9 Medium (CVSS v2 Vector: AV:N/AC:M/Au:S/C:N/I:P/A:P); 4.3 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:S/C:N/I:P/A:P/E:H/RL:OF/RC:C) |
Exploitability Metrics: | Access Vector (AV): Network; Access Complexity (AC): Medium; Authentication (Au): Single_Instance |
Impact Metrics: | Confidentiality (C): None; Integrity (I): Partial; Availability (A): Partial |
CVSS v2 Severity: | 5.5 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:P/A:P); 4.8 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:P/A:P/E:H/RL:OF/RC:C) |
Exploitability Metrics: | Access Vector (AV): Network; Access Complexity (AC): Low; Authentication (Au): Single_Instance |
Impact Metrics: | Confidentiality (C): None; Integrity (I): Partial; Availability (A): Partial |
Vulnerability Type: | CWE-Other |
Vulnerability Consequences: | Bypass Security |
References: | Source: MISC Type: Vendor Advisory http://bugs.mysql.com/bug.php?id=27515
Source: MITRE Type: CNA CVE-2007-2691
Source: CCN Type: MySQL 5.1 Reference Manual C.1.2. Changes in release 5.1.18 (08 May 2007)
Source: CONFIRM Type: Patch, Vendor Advisory http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html
Source: APPLE Type: Mailing List, Third Party Advisory APPLE-SA-2008-10-09
Source: MLIST Type: Vendor Advisory [announce] 20070712 MySQL Community Server 5.0.45 has been released!
Source: SUSE Type: Third Party Advisory SUSE-SR:2008:003
Source: OSVDB Type: Broken Link 34766
Source: CCN Type: RHSA-2007-0894 Important: mysql security update
Source: CCN Type: RHSA-2008-0364 Low: mysql security and bug fix update
Source: CCN Type: RHSA-2008-0768 Moderate: mysql security, bug fix, and enhancement update
Source: CCN Type: SA25301 MySQL Denial of Service Vulnerability and Multiple Security Issues
Source: SECUNIA Type: Third Party Advisory 25301
Source: SECUNIA Type: Third Party Advisory 25946
Source: SECUNIA Type: Third Party Advisory 26073
Source: SECUNIA Type: Third Party Advisory 26430
Source: SECUNIA Type: Third Party Advisory 27155
Source: SECUNIA Type: Third Party Advisory 27823
Source: SECUNIA Type: Third Party Advisory 28838
Source: SECUNIA Type: Third Party Advisory 30351
Source: SECUNIA Type: Third Party Advisory 31226
Source: CCN Type: SA32222 Apple Mac OS X Security Update Fixes Multiple Vulnerabilities
Source: SECUNIA Type: Third Party Advisory 32222
Source: CCN Type: SECTRACK ID: 1018069 MySQL Lets Remote Authenticated Users Issue the RENAME TABLE Command
Source: CCN Type: Apple Web site About Security Update 2008-007
Source: CONFIRM Type: Third Party Advisory http://support.apple.com/kb/HT3216
Source: CCN Type: ASA-2007-382 MySQL security update (RHSA-2007-0894)
Source: CCN Type: ASA-2008-327 mysql security update (RHSA-2008-0768)
Source: DEBIAN Type: Third Party Advisory DSA-1413
Source: DEBIAN Type: DSA-1413 mysql -- multiple vulnerabilities
Source: MANDRIVA Type: Third Party Advisory MDKSA-2007:139
Source: CCN Type: MySQL Web site MySQL AB :: The world's most popular open source database
Source: CCN Type: OSVDB ID: 34766 MySQL RENAME TABLE Statement Arbitrary Table Name Modification
Source: REDHAT Type: Third Party Advisory RHSA-2007:0894
Source: REDHAT Type: Third Party Advisory RHSA-2008:0364
Source: REDHAT Type: Third Party Advisory RHSA-2008:0768
Source: BUGTRAQ Type: Third Party Advisory, VDB Entry 20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server
Source: BID Type: Third Party Advisory, VDB Entry 24016
Source: CCN Type: BID-24016 MySQL Rename Table Function Access Validation Vulnerability
Source: BID Type: Third Party Advisory, VDB Entry 31681
Source: CCN Type: BID-31681 RETIRED: Apple Mac OS X 2008-007 Multiple Security Vulnerabilities
Source: SECTRACK Type: Third Party Advisory, VDB Entry 1018069
Source: CCN Type: USN-528-1 MySQL vulnerabilities
Source: VUPEN Type: Third Party Advisory ADV-2007-1804
Source: VUPEN Type: Third Party Advisory ADV-2008-2780
Source: XF Type: Third Party Advisory, VDB Entry mysql-renametable-weak-security(34347)
Source: XF Type: UNKNOWN mysql-renametable-weak-security(34347)
Source: CONFIRM Type: Broken Link https://issues.rpath.com/browse/RPL-1536
Source: OVAL Type: Third Party Advisory oval:org.mitre.oval:def:9559
Source: UBUNTU Type: Third Party Advisory USN-528-1
Source: SUSE Type: SUSE-SR:2008:003 SUSE Security Summary Report
|
Vulnerable Configuration: |
Configuration 1: cpe:/a:mysql:mysql:*:*:*:*:*:*:*:* (Version <= 4.1.22) OR cpe:/a:mysql:mysql:*:*:*:*:*:*:*:* (Version >= 5.0 and < 5.0.42) OR cpe:/a:mysql:mysql:*:*:*:*:*:*:*:* (Version >= 5.1 and < 5.1.18)
Configuration 2: cpe:/o:debian:debian_linux:3.1:*:*:*:*:*:*:* OR cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:*
Configuration 3: cpe:/o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:* OR cpe:/o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:* OR cpe:/o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*
Configuration RedHat 1: cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
Configuration RedHat 2: cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*
Configuration RedHat 3: cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*
Configuration RedHat 4: cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*
Configuration RedHat 5: cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*
Configuration RedHat 6: cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
Configuration RedHat 7: cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
Configuration RedHat 8: cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
Configuration RedHat 9: cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
Configuration CCN 1:
cpe:/a:oracle:mysql:5.0.0:-:*:*:*:*:*:* OR cpe:/a:oracle:mysql:4.1.13:-:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.0.18:*:*:*:*:*:*:* OR cpe:/a:oracle:mysql:4.1.0:-:*:*:*:*:*:* OR cpe:/a:oracle:mysql:4.1.0:-:*:*:*:*:*:* OR cpe:/a:oracle:mysql:4.1.0:-:*:*:*:*:*:* OR cpe:/a:oracle:mysql:4.1.0:alpha:*:*:*:*:*:* OR cpe:/a:oracle:mysql:4.1.1:*:*:*:*:*:*:* OR cpe:/a:oracle:mysql:4.1.10:-:*:*:*:*:*:* OR cpe:/a:oracle:mysql:4.1.10:a:*:*:*:*:*:* OR cpe:/a:oracle:mysql:4.1.11:*:*:*:*:*:*:* OR cpe:/a:oracle:mysql:4.1.12:-:*:*:*:*:*:* OR cpe:/a:oracle:mysql:4.1.12:a:*:*:*:*:*:* OR cpe:/a:oracle:mysql:4.1.13:a:*:*:*:*:*:* OR cpe:/a:oracle:mysql:4.1.14:-:*:*:*:*:*:* OR cpe:/a:oracle:mysql:4.1.14:a:*:*:*:*:*:* OR cpe:/a:oracle:mysql:4.1.15:-:*:*:*:*:*:* OR cpe:/a:oracle:mysql:4.1.15:a:*:*:*:*:*:* OR
cpe:/a:oracle:mysql:4.1.16:*:*:*:*:*:*:* OR cpe:/a:oracle:mysql:4.1.17:*:*:*:*:*:*:* OR cpe:/a:oracle:mysql:4.1.18:*:*:*:*:*:*:* OR cpe:/a:oracle:mysql:4.1.19:*:*:*:*:*:*:* OR cpe:/a:oracle:mysql:4.1.2:-:*:*:*:*:*:* OR cpe:/a:oracle:mysql:4.1.2:alpha:*:*:*:*:*:* OR cpe:/a:oracle:mysql:4.1.20:*:*:*:*:*:*:* OR cpe:/a:oracle:mysql:4.1.21:*:*:*:*:*:*:* OR cpe:/a:oracle:mysql:4.1.22:*:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.0.0:-:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.0.0:-:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.0.0:alpha:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.0.1:-:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.0.10:-:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.0.10:a:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.0.11:*:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.0.12:*:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.0.13:*:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.0.14:*:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.0.15:-:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.0.15:a:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.0.16:-:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.0.16:a:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.0.17:-:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.0.17:a:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.0.19:*:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.0.1:a:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.0.2:-:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.0.20:-:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.0.20:a:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.0.21:*:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.0.22:*:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.0.24:-:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.0.27:*:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.0.3:-:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.0.3:beta:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.0.33:*:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.0.37:*:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.0.3:a:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.0.4:-:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.0.4:a:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.0.5:-:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.0.6:*:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.0.7:*:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.0.8:*:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.0.9:*:*:*:*:*:*:* OR
cpe:/a:oracle:mysql:5.1.1:*:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.1.10:*:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.1.11:*:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.1.12:*:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.1.13:*:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.1.14:*:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.1.15:*:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.1.16:*:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.1.17:*:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.1.2:*:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.1.3:*:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.1.4:*:*:*:*:*:*:* OR cpe:/a:mysql:mysql:5.1.5:*:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.1.6:*:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.1.7:*:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.1.8:*:*:*:*:*:*:* OR cpe:/a:oracle:mysql:5.1.9:*:*:*:*:*:*:* OR cpe:/a:mysql:mysql:5.0.22.1.0.1:*:*:*:*:*:*:*
AND
cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:* OR cpe:/o:debian:debian_linux:3.1:*:*:*:*:*:*:* OR cpe:/o:canonical:ubuntu:6.06::lts:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:2007::x86_64:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0::x86_64:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:2008.0::x86-64:*:*:*:*:* OR cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:* OR cpe:/o:canonical:ubuntu:7.04:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:2007.1::x86-64:*:*:*:*:* OR cpe:/o:apple:mac_os_x_server:10.5:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x_server:10.5.1:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x_server:10.5.3:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x_server:10.5.4:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x_server:10.5.5:*:*:*:*:*:*:* |