Vulnerability & Exploit Database

Back to search

MySQL DATA DIRECTORY and INDEX DIRECTORY symlink system table overwrite

Severity CVSS Published Added Modified
7 (AV:N/AC:H/Au:S/C:C/I:C/A:C) December 10, 2007 June 22, 2008 February 13, 2015

Description

MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.

Scan For This Vulnerability

Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities

 Free InsightVM Trial

References

Solution

mysql-upgrade-5_0_51

Related Vulnerabilities