CVE-2008-7247
Vulnerability Summary
Timeline
Description
sql/sql_table.cc in MySQL 5.0.x through 5.0.88, 5.1.x through 5.1.41, and 6.0 before 6.0.9-alpha, when the data home directory contains a symlink to a different filesystem, allows remote authenticated users to bypass intended access restrictions by calling CREATE TABLE with a (1) DATA DIRECTORY or (2) INDEX DIRECTORY argument referring to a subdirectory that requires following this symlink.
CVSS Metrics
- v2.0•MEDIUM•Score: 6AV:N/AC:M/Au:S/C:P/I:P/A:P
EPSS Trends
Current EPSS score: 0.24%• Percentile: 48%
Techniques & Countermeasures
- CWE-59•Improper Link Resolution Before File Access ('Link Following')
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
Affected Systems
- mysql•mysql
5.0.0 | 5.0.1 | 5.0.2 | 5.0.3 | 5.0.4 | 5.0.5 | 5.0.5.0.21 | 5.0.10 | 5.0.15 | 5.0.16 | 5.0.17 | 5.0.20 | 5.0.22.1.0.1 | 5.0.24 | 5.0.30 | 5.0.36 | 5.0.44 | 5.0.54 | 5.0.56 | 5.0.60 | 5.0.66 | 5.0.82 | 5.1.5 | 5.1.23 | 5.1.32 | 6.0.9
- oracle•mysql
5.0.0:alpha | 5.0.3:beta | 5.0.6 | 5.0.7 | 5.0.8 | 5.0.11 | 5.0.12 | 5.0.13 | 5.0.14 | 5.0.18 | 5.0.19 | 5.0.21 | 5.0.22 | 5.0.23 | 5.0.25 | 5.0.26 | 5.0.27 | 5.0.30:sp1 | 5.0.32 | 5.0.33 | 5.0.37 | 5.0.38 | 5.0.41 | 5.0.42 | 5.0.45 | 5.0.50 | 5.0.51 | 5.0.52 | 5.0.75 | 5.0.77 | 5.0.81 | 5.0.83 | 5.1 | 5.1.1 | 5.1.2 | 5.1.3 | 5.1.4 | 5.1.6 | 5.1.7 | 5.1.8 | 5.1.9 | 5.1.10 | 5.1.11 | 5.1.12 | 5.1.13 | 5.1.14 | 5.1.15 | 5.1.16 | 5.1.17 | 5.1.18 | 5.1.19 | 5.1.20 | 5.1.21 | 5.1.22 | 5.1.30 | 6.0.0 | 6.0.1 | 6.0.2 | 6.0.3 | 6.0.4
References (14)
- http://www.ubuntu.com/usn/USN-1397-1
- http://secunia.com/advisories/38517
- http://www.vupen.com/english/advisories/2010/1107
- http://ubuntu.com/usn/usn-897-1
- http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html
- http://bugs.mysql.com/bug.php?id=39277
- http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
- http://support.apple.com/kb/HT4077
- http://marc.info/?l=oss-security&m=125908040022018&w=2
- http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00005.html
- https://bugzilla.redhat.com/show_bug.cgi?id=543619
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:044
- http://www.securityfocus.com/bid/38043
- http://lists.mysql.com/commits/59711