Definition


New Search

MySQL 4.0.23 and earlier and 4.1.x up to 4.1.10 allows remote authenticated users with INSERT and DELETE privileges to bypass library path restrictions and execute arbitrary libraries by using INSERT INTO to modify the mysql.func table which is processed by the udf_init function.

oval:org.mitre.oval:def:10180

MySQL 4.0.23 and earlier and 4.1.x up to 4.1.10 allows remote authenticated users with INSERT and DELETE privileges to bypass library path restrictions and execute arbitrary libraries by using INSERT INTO to modify the mysql.func table which is processed by the udf_init function.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Red Hat Enterprise Linux 4
  • CentOS Linux 3
  • CentOS Linux 4
  • Red Hat Enterprise Linux 3
  • Oracle Linux 4
Class:
vulnerability
Reference(s):
  • CVE-2005-0710
Product(s):