Rapid7 Vulnerability & Exploit Database

USN-950-1: MySQL vulnerabilities

Free InsightVM Trial No credit card necessary

Watch Demo See how it all works

Back to Search

USN-950-1: MySQL vulnerabilities

Severity

CVSS

(AV:N/AC:L/Au:S/C:P/I:P/A:P)

Published

06/07/2010

Created

07/25/2018

Added

05/06/2013

Modified

07/09/2020

Description

Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to bypass intended table grants to read field definitions of arbitrary tables, and on 5.1 to read or delete content of arbitrary tables, via a .. (dot dot) in a table name.

Solution(s)

ubuntu-upgrade-mysql-server-5-0
ubuntu-upgrade-mysql-server-5-1

References

https://attackerkb.com/topics/cve-2010-1621
APPLE-SA-2010-11-10-1
39543
40257
CVE - 2010-1621
CVE - 2010-1626
CVE - 2010-1848
CVE - 2010-1849
CVE - 2010-1850
OVAL10258
OVAL10846
OVAL6693
OVAL7210
OVAL7328
OVAL9490
RHSA-2010:0442
RHSA-2010:0824
USN-950-1

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

USN-950-1: MySQL vulnerabilities

USN-950-1: MySQL vulnerabilities

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.