Veracode Vulnerability Database: VERACODE:23654
History: Apr 10, 2020 - 12:32 a.m.

Authorization Bypass

2020-04-10 00:32:25
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
EPSS: 0

Percentile: 14.3%

mysql is vulnerable to authorization bypass. Red Hat Security Advisory RHSA-2008:0505, for Red Hat Application Stack v2.1, provided an incomplete fix for the flaw in which MySQL did not correctly check directories used as arguments for the DATA DIRECTORY and INDEX DIRECTORY directives. Using this flaw, an authenticated attacker could elevate their access privileges to tables created by other database users. Note: This attack does not work on existing tables. An attacker can only elevate their access to another user's tables as the tables are created. In addition, the names of these created tables need to be predicted correctly for this attack to succeed.
