CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
28.5%
Unknown vulnerability in MySQL 3.23.58 and earlier, when a local user has privileges for a database whose name includes a “_” (underscore), grants privileges to other databases that have similar names, which can allow the user to conduct unauthorized activities.
Vendor | Product | Version | CPE |
---|---|---|---|
openpkg | openpkg | 2.1 | cpe:2.3:a:openpkg:openpkg:2.1:*:*:*:*:*:*:* |
openpkg | openpkg | 2.2 | cpe:2.3:a:openpkg:openpkg:2.2:*:*:*:*:*:*:* |
openpkg | openpkg | current | cpe:2.3:a:openpkg:openpkg:current:*:*:*:*:*:*:* |
oracle | mysql | 3.20 | cpe:2.3:a:oracle:mysql:3.20:*:*:*:*:*:*:* |
oracle | mysql | 3.20.32a | cpe:2.3:a:oracle:mysql:3.20.32a:*:*:*:*:*:*:* |
oracle | mysql | 3.21 | cpe:2.3:a:oracle:mysql:3.21:*:*:*:*:*:*:* |
oracle | mysql | 3.22 | cpe:2.3:a:oracle:mysql:3.22:*:*:*:*:*:*:* |
oracle | mysql | 3.22.26 | cpe:2.3:a:oracle:mysql:3.22.26:*:*:*:*:*:*:* |
oracle | mysql | 3.22.27 | cpe:2.3:a:oracle:mysql:3.22.27:*:*:*:*:*:*:* |
oracle | mysql | 3.22.28 | cpe:2.3:a:oracle:mysql:3.22.28:*:*:*:*:*:*:* |
distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000947
www.ciac.org/ciac/bulletins/p-018.shtml
www.debian.org/security/2005/dsa-707
www.mandriva.com/security/advisories?name=MDKSA-2005:070
www.redhat.com/support/errata/RHSA-2004-597.html
www.redhat.com/support/errata/RHSA-2004-611.html
exchange.xforce.ibmcloud.com/vulnerabilities/17783
www.ubuntu.com/usn/usn-32-1/