CVE 2007-5969
MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.
Related bugs and status
CVE-2007-5969 (Candidate) is related to these bugs:
Bug #172260: [mysql] multiple vulnerabilities
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
172260 | [mysql] multiple vulnerabilities | mysql-dfsg (Ubuntu) | Unknown | Invalid | ||
172260 | [mysql] multiple vulnerabilities | mysql-dfsg-5.0 (tuXlab) | Undecided | Invalid | ||
172260 | [mysql] multiple vulnerabilities | mysql-dfsg-4.1 (Ubuntu) | Undecided | Invalid | ||
172260 | [mysql] multiple vulnerabilities | mysql-dfsg-5.0 (Ubuntu) | Medium | Fix Released | ||
172260 | [mysql] multiple vulnerabilities | mysql-dfsg-5.1 (Ubuntu) | Undecided | Invalid | ||
172260 | [mysql] multiple vulnerabilities | mysql-dfsg (Ubuntu Dapper) | Undecided | Invalid | ||
172260 | [mysql] multiple vulnerabilities | mysql-dfsg-4.1 (Ubuntu Dapper) | Undecided | Invalid | ||
172260 | [mysql] multiple vulnerabilities | mysql-dfsg-5.0 (Ubuntu Dapper) | Medium | Fix Released | ||
172260 | [mysql] multiple vulnerabilities | mysql-dfsg-5.1 (Ubuntu Dapper) | Undecided | Invalid | ||
172260 | [mysql] multiple vulnerabilities | mysql-dfsg (Ubuntu Edgy) | Undecided | Won't Fix | ||
172260 | [mysql] multiple vulnerabilities | mysql-dfsg-4.1 (Ubuntu Edgy) | Undecided | Won't Fix | ||
172260 | [mysql] multiple vulnerabilities | mysql-dfsg-5.0 (Ubuntu Edgy) | Medium | Fix Released | ||
172260 | [mysql] multiple vulnerabilities | mysql-dfsg-5.1 (Ubuntu Edgy) | Undecided | Invalid | ||
172260 | [mysql] multiple vulnerabilities | mysql-dfsg (Ubuntu Feisty) | Undecided | Invalid | ||
172260 | [mysql] multiple vulnerabilities | mysql-dfsg-4.1 (Ubuntu Feisty) | Undecided | Invalid | ||
172260 | [mysql] multiple vulnerabilities | mysql-dfsg-5.0 (Ubuntu Feisty) | Medium | Fix Released | ||
172260 | [mysql] multiple vulnerabilities | mysql-dfsg-5.1 (Ubuntu Feisty) | Undecided | Invalid | ||
172260 | [mysql] multiple vulnerabilities | mysql-dfsg (Ubuntu Gutsy) | Undecided | Invalid | ||
172260 | [mysql] multiple vulnerabilities | mysql-dfsg-4.1 (Ubuntu Gutsy) | Undecided | Invalid | ||
172260 | [mysql] multiple vulnerabilities | mysql-dfsg-5.0 (Ubuntu Gutsy) | Medium | Fix Released | ||
172260 | [mysql] multiple vulnerabilities | mysql-dfsg-5.1 (Ubuntu Gutsy) | Undecided | Invalid | ||
172260 | [mysql] multiple vulnerabilities | mysql-dfsg (Ubuntu Hardy) | Unknown | Invalid | ||
172260 | [mysql] multiple vulnerabilities | mysql-dfsg-4.1 (Ubuntu Hardy) | Undecided | Invalid | ||
172260 | [mysql] multiple vulnerabilities | mysql-dfsg-5.0 (Ubuntu Hardy) | Medium | Fix Released | ||
172260 | [mysql] multiple vulnerabilities | mysql-dfsg-5.1 (Ubuntu Hardy) | Undecided | Invalid |
See the
CVE page on Mitre.org
for more details.