CVE-2009-4030

Advisory lineage Upstream: 0 Downstream: 6

Downstream

DSA-1997-1 OPENSUSE-SU-2024:10153-1 RHSA-2010:0109 RHSA-2010:0110 SUSE-RU-2023:3956-1 SUSE-RU-2023:4991-1

Modified

Published: 30 Nov 2009, 17:00

Last modified:07 Aug 2024, 06:45

Vulnerability Summary

Overall Risk (default)

low

18/100

CVSS Score

4.4 MEDIUM

v2.0 (nvd)

EPSS Score

0.03% LOW

0% probability -0.01%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

30 Nov 2009, 17:00

Published

Vulnerability first disclosed

07 Aug 2024, 06:45

Last Modified

Vulnerability information updated

Description

MySQL 5.1.x before 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079.

CVSS Metrics

v2.0•MEDIUM•Score: 4.4AV:L/AC:M/Au:N/C:P/I:P/A:P

EPSS Trends

Current EPSS score: 0.03%• Percentile: 8%

Techniques & Countermeasures

CWE-59•Improper Link Resolution Before File Access ('Link Following')
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

Affected Systems

mysql•mysql
5.1.5 | 5.1.23 | 5.1.32
oracle•mysql
5.1 | 5.1.1 | 5.1.2 | 5.1.3 | 5.1.4 | 5.1.6 | 5.1.7 | 5.1.8 | 5.1.9 | 5.1.10 | 5.1.11 | 5.1.12 | 5.1.13 | 5.1.14 | 5.1.15 | 5.1.16 | 5.1.17 | 5.1.18 | 5.1.19 | 5.1.20 | 5.1.21 | 5.1.22 | 5.1.30