CVE

CVE-2007-2692
Date: (C)2007-05-15   (M)2023-12-22


The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5.1.18 does not restore THD::db_access privileges when returning from SQL SECURITY INVOKER stored routines, which allows remote authenticated users to gain privileges.

CVSS Score and Metrics

CVSS V2 Severity:
CVSS Score : 6.0
Exploit Score: 6.8
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: SINGLE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECTRACK-1018070
http://www.securityfocus.com/archive/1/473874/100/0/threaded
BID-24011
SECUNIA-25301
SECUNIA-26073
SECUNIA-26430
SECUNIA-27823
SECUNIA-28637
SECUNIA-28838
SECUNIA-29443
SECUNIA-30351
OSVDB-34765
ADV-2007-1804
DSA-1413
MDVSA-2008:028
RHSA-2007:0894
RHSA-2008:0364
SUSE-SR:2008:003
USN-588-1
http://lists.mysql.com/announce/470
http://bugs.mysql.com/bug.php?id=27337
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html
https://issues.rpath.com/browse/RPL-1536
mysql-changedb-privilege-escalation(34348)
oval:org.mitre.oval:def:9166

CPE    13
cpe:/a:mysql:mysql:5.0.10
cpe:/a:mysql:mysql:5.0.16
cpe:/a:mysql:mysql:5.0.17
cpe:/a:mysql:mysql:5.0.15
...
OVAL    1
oval:org.secpod.oval:def:301368

© SecPod Technologies