Vulnerability & Exploit Database

Back to search

MySQL DATA DIRECTORY and INDEX DIRECTORY symlink system table overwrite

Severity CVSS Published Added Modified
7 (AV:N/AC:H/Au:S/C:C/I:C/A:C) December 09, 2007 June 21, 2008 February 12, 2015

Description

MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now

References

Solution

mysql-upgrade-5_0_51

Related Vulnerabilities