4.6

CVE-2008-2079

Exploit
MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are within the MySQL home data directory, which can point to tables that are created in the future.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MysqlMysql Version >= 4.1.0 < 4.1.24
MysqlMysql Version >= 5.0.0 < 5.0.60
MysqlMysql Version >= 5.1.0 < 5.1.24
OracleMysql Version >= 6.0.0 < 6.0.5
DebianDebian Linux Version4.0
CanonicalUbuntu Linux Version6.06 SwEditionlts
CanonicalUbuntu Linux Version7.10
CanonicalUbuntu Linux Version8.04 SwEditionlts
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.59% 0.832
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.6 3.9 6.4
AV:N/AC:H/Au:S/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/31226
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-0768.html
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html
Third Party Advisory
http://secunia.com/advisories/31687
Third Party Advisory
http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
Third Party Advisory
Mailing List
http://secunia.com/advisories/32222
Third Party Advisory
http://support.apple.com/kb/HT3216
Third Party Advisory
http://www.securityfocus.com/bid/31681
Patch
Third Party Advisory
VDB Entry
http://www.vupen.com/english/advisories/2008/2780
Third Party Advisory
http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2008-0505.html
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:150
Third Party Advisory
http://bugs.mysql.com/bug.php?id=32167
Patch
Vendor Advisory
Exploit
http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-60.html
Vendor Advisory
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-24.html
Vendor Advisory
http://dev.mysql.com/doc/refman/6.0/en/news-6-0-5.html
Vendor Advisory
http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html
Third Party Advisory
Mailing List
http://secunia.com/advisories/30134
Third Party Advisory
http://secunia.com/advisories/31066
Third Party Advisory
http://secunia.com/advisories/32769
Third Party Advisory
http://secunia.com/advisories/36566
Third Party Advisory
http://secunia.com/advisories/36701
Third Party Advisory
http://support.apple.com/kb/HT3865
Third Party Advisory
http://www.debian.org/security/2008/dsa-1608
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:149
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-0510.html
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2009-1289.html
Third Party Advisory
http://www.securityfocus.com/bid/29106
Patch
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1019995
Third Party Advisory
VDB Entry
http://www.ubuntu.com/usn/USN-671-1
Third Party Advisory
http://www.vupen.com/english/advisories/2008/1472/references
Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/42267
Third Party Advisory
VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10133
Third Party Advisory