Test ID:	1.3.6.1.4.1.25623.1.0.801065
Category:	Denial of Service
Title:	MySQL Authenticated Access Restrictions Bypass Vulnerability - Linux
Summary:	MySQL is prone to Access Restrictions Bypass Vulnerability.
Description:	Summary: MySQL is prone to Access Restrictions Bypass Vulnerability. Vulnerability Insight: The flaw is due to an error in 'sql/sql_table.cc', when the data home directory contains a symlink to a different filesystem. Vulnerability Impact: Successful exploitation could allow users to bypass intended access restrictions by calling CREATE TABLE with DATA DIRECTORY or INDEX DIRECTORY argument referring to a subdirectory. Affected Software/OS: MySQL 5.0.x before 5.0.88, 5.1.x before 5.1.41, 6.0 before 6.0.9-alpha. Solution: Upgrade to MySQL version 5.0.88 or 5.1.41 or 6.0.9-alpha. CVSS Score: 6.0 CVSS Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2008-7247 http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html BugTraq ID: 38043 http://www.securityfocus.com/bid/38043 http://www.mandriva.com/security/advisories?name=MDVSA-2010:044 https://bugzilla.redhat.com/show_bug.cgi?id=543619 http://lists.mysql.com/commits/59711 http://marc.info/?l=oss-security&m=125908040022018&w=2 http://secunia.com/advisories/38517 SuSE Security Announcement: SUSE-SR:2010:011 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html SuSE Security Announcement: SUSE-SR:2010:021 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00005.html http://www.ubuntu.com/usn/USN-1397-1 http://ubuntu.com/usn/usn-897-1 http://www.vupen.com/english/advisories/2010/1107
Copyright	Copyright (C) 2009 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.