Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2006-4226
HistoryAug 18, 2006 - 8:04 p.m.

CVE-2006-4226

2006-08-1820:04:00
[email protected]
web.nvd.nist.gov
8

CVSS2

3.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:S/C:P/I:P/A:N

AI Score

6

Confidence

Low

EPSS

0.005

Percentile

75.9%

JSON

MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions.

Affected configurations

Nvd
Node
mysqlmysqlMatch4.1.0
OR
mysqlmysqlMatch4.1.2
OR
mysqlmysqlMatch4.1.3
OR
mysqlmysqlMatch4.1.8
OR
mysqlmysqlMatch4.1.10
OR
mysqlmysqlMatch4.1.12
OR
mysqlmysqlMatch4.1.13
OR
mysqlmysqlMatch4.1.14
OR
mysqlmysqlMatch4.1.15
OR
mysqlmysqlMatch5.0.0
OR
mysqlmysqlMatch5.0.1
OR
mysqlmysqlMatch5.0.2
OR
mysqlmysqlMatch5.0.3
OR
mysqlmysqlMatch5.0.4
OR
mysqlmysqlMatch5.0.5
OR
mysqlmysqlMatch5.0.5.0.21
OR
mysqlmysqlMatch5.0.10
OR
mysqlmysqlMatch5.0.15
OR
mysqlmysqlMatch5.0.16
OR
mysqlmysqlMatch5.0.17
OR
mysqlmysqlMatch5.0.20
OR
mysqlmysqlMatch5.0.22.1.0.1
OR
mysqlmysqlMatch5.1.5
OR
oraclemysqlMatch4.0.0
OR
oraclemysqlMatch4.0.1
OR
oraclemysqlMatch4.0.2
OR
oraclemysqlMatch4.0.3
OR
oraclemysqlMatch4.0.4
OR
oraclemysqlMatch4.0.5
OR
oraclemysqlMatch4.0.5a
OR
oraclemysqlMatch4.0.6
OR
oraclemysqlMatch4.0.7
OR
oraclemysqlMatch4.0.7gamma
OR
oraclemysqlMatch4.0.8
OR
oraclemysqlMatch4.0.8gamma
OR
oraclemysqlMatch4.0.9
OR
oraclemysqlMatch4.0.9gamma
OR
oraclemysqlMatch4.0.10
OR
oraclemysqlMatch4.0.11
OR
oraclemysqlMatch4.0.11gamma
OR
oraclemysqlMatch4.0.12
OR
oraclemysqlMatch4.0.13
OR
oraclemysqlMatch4.0.14
OR
oraclemysqlMatch4.0.15
OR
oraclemysqlMatch4.0.16
OR
oraclemysqlMatch4.0.17
OR
oraclemysqlMatch4.0.18
OR
oraclemysqlMatch4.0.19
OR
oraclemysqlMatch4.0.20
OR
oraclemysqlMatch4.0.21
OR
oraclemysqlMatch4.0.23
OR
oraclemysqlMatch4.0.24
OR
oraclemysqlMatch4.0.25
OR
oraclemysqlMatch4.0.26
OR
oraclemysqlMatch4.0.27
OR
oraclemysqlMatch4.1.0alpha
OR
oraclemysqlMatch4.1.1
OR
oraclemysqlMatch4.1.2alpha
OR
oraclemysqlMatch4.1.3beta
OR
oraclemysqlMatch4.1.4
OR
oraclemysqlMatch4.1.5
OR
oraclemysqlMatch4.1.6
OR
oraclemysqlMatch4.1.7
OR
oraclemysqlMatch4.1.9
OR
oraclemysqlMatch4.1.11
OR
oraclemysqlMatch4.1.16
OR
oraclemysqlMatch4.1.17
OR
oraclemysqlMatch4.1.18
OR
oraclemysqlMatch4.1.19
OR
oraclemysqlMatch4.1.20
OR
oraclemysqlMatch4.1.21
OR
oraclemysqlMatch5.0.0alpha
OR
oraclemysqlMatch5.0.3beta
OR
oraclemysqlMatch5.0.6
OR
oraclemysqlMatch5.0.7
OR
oraclemysqlMatch5.0.8
OR
oraclemysqlMatch5.0.9
OR
oraclemysqlMatch5.0.11
OR
oraclemysqlMatch5.0.12
OR
oraclemysqlMatch5.0.13
OR
oraclemysqlMatch5.0.14
OR
oraclemysqlMatch5.0.18
OR
oraclemysqlMatch5.0.19
OR
oraclemysqlMatch5.0.21
OR
oraclemysqlMatch5.0.22
OR
oraclemysqlMatch5.1.1
OR
oraclemysqlMatch5.1.2
OR
oraclemysqlMatch5.1.3
OR
oraclemysqlMatch5.1.4
OR
oraclemysqlMatch5.1.6
OR
oraclemysqlMatch5.1.7
OR
oraclemysqlMatch5.1.8
OR
oraclemysqlMatch5.1.9
OR
oraclemysqlMatch5.1.10
OR
oraclemysqlMatch5.1.11
VendorProductVersionCPE
mysqlmysql4.1.0cpe:2.3:a:mysql:mysql:4.1.0:*:*:*:*:*:*:*
mysqlmysql4.1.2cpe:2.3:a:mysql:mysql:4.1.2:*:*:*:*:*:*:*
mysqlmysql4.1.3cpe:2.3:a:mysql:mysql:4.1.3:*:*:*:*:*:*:*
mysqlmysql4.1.8cpe:2.3:a:mysql:mysql:4.1.8:*:*:*:*:*:*:*
mysqlmysql4.1.10cpe:2.3:a:mysql:mysql:4.1.10:*:*:*:*:*:*:*
mysqlmysql4.1.12cpe:2.3:a:mysql:mysql:4.1.12:*:*:*:*:*:*:*
mysqlmysql4.1.13cpe:2.3:a:mysql:mysql:4.1.13:*:*:*:*:*:*:*
mysqlmysql4.1.14cpe:2.3:a:mysql:mysql:4.1.14:*:*:*:*:*:*:*
mysqlmysql4.1.15cpe:2.3:a:mysql:mysql:4.1.15:*:*:*:*:*:*:*
mysqlmysql5.0.0cpe:2.3:a:mysql:mysql:5.0.0:*:*:*:*:*:*:*
Rows per page:
1-10 of 951

References

Related

nessus 11
freebsd 1
cvelist 1
cve 1
openvas 4
redhat 2
veracode 1
centos 1
ubuntucve 1
oraclelinux 1
osv 1
debian 1
nessus
nessus
FreeBSD : mysql -- database 'case-sensitive' privilege escalation (a0e92718-6603-11db-ab90-000e35fd8194)
2006-10-30 00:00:00
Oracle Linux 4 : mysql (ELSA-2007-0152)
2013-07-12 00:00:00
MySQL < 4.1.21 / 5.0.25 / 5.1.12 Access Control
2012-01-16 00:00:00
freebsd
freebsd
mysql -- database "case-sensitive" privilege escalation
2006-08-09 00:00:00
cvelist
cvelist
CVE-2006-4226
2006-08-18 19:55:00
cve
cve
CVE-2006-4226
2006-08-18 20:04:00
openvas
openvas
FreeBSD Ports: mysql-server
2008-09-04 00:00:00
FreeBSD Ports: mysql-server
2008-09-04 00:00:00
Debian Security Advisory DSA 1169-1 (mysql-dfsg-4.1)
2008-01-17 00:00:00
redhat
redhat
(RHSA-2007:0152) Moderate: mysql security update
2007-04-03 00:00:00
(RHSA-2007:0083) Low: mysql security update
2007-02-19 00:00:00
veracode
veracode
Unauthorized Access
2020-04-10 00:14:20
centos
centos
mysql security update
2007-04-04 00:06:56
ubuntucve
ubuntucve
CVE-2006-4226
2006-08-18 00:00:00
oraclelinux
oraclelinux
Moderate: mysql security update
2007-04-04 00:00:00
osv
osv
mysql-dfsg-4.1 - several
2006-09-05 00:00:00
debian
debian
[SECURITY] [DSA 1169-1] New MySQL 4.1 packages fix several vulnerabilities
2006-09-05 06:08:29

CVSS2

3.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:S/C:P/I:P/A:N

AI Score

6

Confidence

Low

EPSS

0.005

Percentile

75.9%

JSON
Related for NVD:CVE-2006-4226
nessus11freebsd1cvelist1cve1openvas4redhat2veracode1centos1ubuntucve1oraclelinux1osv1debian1