Launchpad.net

CVE 2007-6303

MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered, which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW statement and an ALTER VIEW statement.

Related bugs and status

CVE-2007-6303 (Candidate) is related to these bugs:

Bug #172260: [mysql] multiple vulnerabilities

		In	Importance	Status
172260	[mysql] multiple vulnerabilities	mysql-dfsg (Ubuntu)	Unknown	Invalid
172260	[mysql] multiple vulnerabilities	mysql-dfsg-5.0 (tuXlab)	Undecided	Invalid
172260	[mysql] multiple vulnerabilities	mysql-dfsg-4.1 (Ubuntu)	Undecided	Invalid
172260	[mysql] multiple vulnerabilities	mysql-dfsg-5.0 (Ubuntu)	Medium	Fix Released
172260	[mysql] multiple vulnerabilities	mysql-dfsg-5.1 (Ubuntu)	Undecided	Invalid
172260	[mysql] multiple vulnerabilities	mysql-dfsg (Ubuntu Dapper)	Undecided	Invalid
172260	[mysql] multiple vulnerabilities	mysql-dfsg-4.1 (Ubuntu Dapper)	Undecided	Invalid
172260	[mysql] multiple vulnerabilities	mysql-dfsg-5.0 (Ubuntu Dapper)	Medium	Fix Released
172260	[mysql] multiple vulnerabilities	mysql-dfsg-5.1 (Ubuntu Dapper)	Undecided	Invalid
172260	[mysql] multiple vulnerabilities	mysql-dfsg (Ubuntu Edgy)	Undecided	Won't Fix
172260	[mysql] multiple vulnerabilities	mysql-dfsg-4.1 (Ubuntu Edgy)	Undecided	Won't Fix
172260	[mysql] multiple vulnerabilities	mysql-dfsg-5.0 (Ubuntu Edgy)	Medium	Fix Released
172260	[mysql] multiple vulnerabilities	mysql-dfsg-5.1 (Ubuntu Edgy)	Undecided	Invalid
172260	[mysql] multiple vulnerabilities	mysql-dfsg (Ubuntu Feisty)	Undecided	Invalid
172260	[mysql] multiple vulnerabilities	mysql-dfsg-4.1 (Ubuntu Feisty)	Undecided	Invalid
172260	[mysql] multiple vulnerabilities	mysql-dfsg-5.0 (Ubuntu Feisty)	Medium	Fix Released
172260	[mysql] multiple vulnerabilities	mysql-dfsg-5.1 (Ubuntu Feisty)	Undecided	Invalid
172260	[mysql] multiple vulnerabilities	mysql-dfsg (Ubuntu Gutsy)	Undecided	Invalid
172260	[mysql] multiple vulnerabilities	mysql-dfsg-4.1 (Ubuntu Gutsy)	Undecided	Invalid
172260	[mysql] multiple vulnerabilities	mysql-dfsg-5.0 (Ubuntu Gutsy)	Medium	Fix Released
172260	[mysql] multiple vulnerabilities	mysql-dfsg-5.1 (Ubuntu Gutsy)	Undecided	Invalid
172260	[mysql] multiple vulnerabilities	mysql-dfsg (Ubuntu Hardy)	Unknown	Invalid
172260	[mysql] multiple vulnerabilities	mysql-dfsg-4.1 (Ubuntu Hardy)	Undecided	Invalid
172260	[mysql] multiple vulnerabilities	mysql-dfsg-5.0 (Ubuntu Hardy)	Medium	Fix Released
172260	[mysql] multiple vulnerabilities	mysql-dfsg-5.1 (Ubuntu Hardy)	Undecided	Invalid

Bug #185039: [mysql] [CVE-2007-6303] remote privilege escalation

Summary				In	Importance	Status
	185039	[mysql] [CVE-2007-6303] remote privilege escalation		mysql-dfsg-5.0 (Ubuntu)	Undecided	Fix Released

Bug #186978: [mysql] [CVE-2008-0226] [CVE-2008-0227] buffer overflows in YaSSL

		In	Importance	Status
186978	[mysql] [CVE-2008-0226] [CVE-2008-0227] buffer overflows in YaSSL	mysql-dfsg-5.0 (Ubuntu)	Undecided	Fix Released
186978	[mysql] [CVE-2008-0226] [CVE-2008-0227] buffer overflows in YaSSL	mysql-dfsg-5.0 (Ubuntu Edgy)	Undecided	Fix Released
186978	[mysql] [CVE-2008-0226] [CVE-2008-0227] buffer overflows in YaSSL	mysql-dfsg-5.0 (Ubuntu Feisty)	Undecided	Fix Released
186978	[mysql] [CVE-2008-0226] [CVE-2008-0227] buffer overflows in YaSSL	mysql-dfsg-5.0 (Ubuntu Gutsy)	Undecided	Fix Released

Bug #201009: [mysql-dfsg-5.0] fix for several open vulnerabilities in -proposed

		In	Importance	Status
201009	[mysql-dfsg-5.0] fix for several open vulnerabilities in -proposed	mysql-dfsg-5.0 (Ubuntu)	Undecided	Fix Released
201009	[mysql-dfsg-5.0] fix for several open vulnerabilities in -proposed	mysql-dfsg-5.0 (Ubuntu Dapper)	High	Fix Released
201009	[mysql-dfsg-5.0] fix for several open vulnerabilities in -proposed	mysql-dfsg-5.0 (Ubuntu Edgy)	High	Fix Released
201009	[mysql-dfsg-5.0] fix for several open vulnerabilities in -proposed	mysql-dfsg-5.0 (Ubuntu Feisty)	High	Fix Released
201009	[mysql-dfsg-5.0] fix for several open vulnerabilities in -proposed	mysql-dfsg-5.0 (Ubuntu Gutsy)	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://bugs.mysql.com/...
CONFIRM: http://dev.mysql.com/d...
CONFIRM: http://dev.mysql.com/d...
CONFIRM: http://dev.mysql.com/d...
SECUNIA: 28063
SECTRACK: 1019085
FEDORA: FEDORA-2007-4465
FEDORA: FEDORA-2007-4471
REDHAT: RHSA-2007:1157
BID: 26832
SECUNIA: 28025
MANDRIVA: MDVSA-2008:017
CONFIRM: http://lists.mysql.com...
CONFIRM: https://issues.rpath.c...
CONFIRM: http://wiki.rpath.com/...
SUSE: SUSE-SR:2008:003
SECUNIA: 28739
SECUNIA: 28838
UBUNTU: USN-588-1
SECUNIA: 29443
GENTOO: GLSA-200804-04
SECUNIA: 29706
VUPEN: ADV-2007-4198
XF: mysql-definer-value-pr...
BUGTRAQ: 20080205 rPSA-2008-004...