7.1

CVE-2007-5969

Exploit
MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MysqlMysql Server Version5.1.22
MysqlMysql Server Version6.0
MysqlMysql Server Version6.0.1
MysqlMysql Server Version6.0.2
MysqlMysql Server Version6.0.3
MysqlCommunity Server Version <= 5.0.50
MysqlCommunity Server Version5.0.41
MysqlCommunity Server Version5.0.44
MysqlCommunity Server Version5.0.45
MysqlMysql Enterprise Server Version5.0.50
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 14.26% 0.961
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.1 3.9 10
AV:N/AC:H/Au:S/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html
http://secunia.com/advisories/28838
Vendor Advisory
http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
http://secunia.com/advisories/32222
Vendor Advisory
http://support.apple.com/kb/HT3216
http://www.securityfocus.com/bid/31681
Patch
http://www.vupen.com/english/advisories/2008/2780
Vendor Advisory
http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html
http://www.vupen.com/english/advisories/2008/1000/references
Vendor Advisory
http://secunia.com/advisories/28040
Vendor Advisory
http://secunia.com/advisories/28108
Vendor Advisory
http://secunia.com/advisories/28128
Vendor Advisory
http://secunia.com/advisories/28343
Vendor Advisory
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.428959
http://www.debian.org/security/2008/dsa-1451
http://www.mandriva.com/security/advisories?name=MDKSA-2007:243
https://usn.ubuntu.com/559-1/
http://secunia.com/advisories/28025
Vendor Advisory
http://secunia.com/advisories/28099
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2007-1155.html
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2007-1157.html
Vendor Advisory
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html
http://bugs.mysql.com/32111
http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html
http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html
http://forums.mysql.com/read.php?3%2C186931%2C186931
http://lists.mysql.com/announce/495
Vendor Advisory
Exploit
http://secunia.com/advisories/27981
Vendor Advisory
http://secunia.com/advisories/28063
Vendor Advisory
http://secunia.com/advisories/28559
Vendor Advisory
http://secunia.com/advisories/29706
Vendor Advisory
http://security.gentoo.org/glsa/glsa-200804-04.xml
http://www.securityfocus.com/archive/1/486477/100/0/threaded
http://www.securityfocus.com/bid/26765
http://www.securitytracker.com/id?1019060
http://www.vupen.com/english/advisories/2007/4142
Vendor Advisory
http://www.vupen.com/english/advisories/2007/4198
Vendor Advisory
http://www.vupen.com/english/advisories/2008/0560/references
Vendor Advisory
https://issues.rpath.com/browse/RPL-1999
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10509