New Search

MySQL Community Server 5.0.x before 5.0.51 Enterprise Server 5.0.x before 5.0.52 Server 5.1.x before 5.1.23 and Server 6.0.x before 6.0.4 when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.

oval:org.mitre.oval:def:10509

MySQL Community Server 5.0.x before 5.0.51 Enterprise Server 5.0.x before 5.0.52 Server 5.1.x before 5.1.23 and Server 6.0.x before 6.0.4 when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Oracle Linux 5
  • Oracle Linux 4
  • Red Hat Enterprise Linux 4
  • CentOS Linux 4
  • Red Hat Enterprise Linux 5
  • CentOS Linux 5
Class:
vulnerability
Reference(s):
  • CVE-2007-5969
Product(s):