New Search

MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routines in the security context of the routine's definer instead of the routine's caller which allows remote authenticated users to gain privileges through a routine that has been made available using GRANT EXECUTE.

oval:org.mitre.oval:def:10105

MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routines in the security context of the routine's definer instead of the routine's caller which allows remote authenticated users to gain privileges through a routine that has been made available using GRANT EXECUTE.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Red Hat Enterprise Linux 5
  • Oracle Linux 5
  • CentOS Linux 5
Class:
vulnerability
Reference(s):
  • CVE-2006-4227
Product(s):