CVE-2008-2079

{"id": "CVE-2008-2079", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.6, "accessVector": "NETWORK", "vectorString": "AV:N/AC:H/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "HIGH", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": true}]}, "published": "2008-05-05T16:20:00.000", "references": [{"url": "http://bugs.mysql.com/bug.php?id=32167", "tags": ["Exploit", "Patch", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-60.html", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-24.html", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://dev.mysql.com/doc/refman/6.0/en/news-6-0-5.html", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/30134", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/31066", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/31226", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/31687", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/32222", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/32769", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/36566", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/36701", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://support.apple.com/kb/HT3216", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://support.apple.com/kb/HT3865", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.debian.org/security/2008/dsa-1608", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:149", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:150", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2008-0505.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2008-0510.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2008-0768.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2009-1289.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/bid/29106", "tags": ["Patch", "Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/bid/31681", "tags": ["Patch", "Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id?1019995", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.ubuntu.com/usn/USN-671-1", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2008/1472/references", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2008/2780", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42267", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10133", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are within the MySQL home data directory, which can point to tables that are created in the future."}, {"lang": "es", "value": "MySQL 4.1.x anterior a 4.1.24, 5.0.x antes de 5.0.60, 5.1.x anterior a 5.1.24 y 6.0.x antes de 6.0.5 permite a usuarios locales evitar ciertas comprobaciones de privilegios llamando a CREATE TABLE en una tabla MyISAM con argumentos (1) DATA DIRECTORY or (2) INDEX DIRECTORY modificados que est\u00e1n dentro del directorio MySQL home data, que puede apuntar a tablas que se crear\u00e1n en el futuro."}], "lastModified": "2019-12-17T15:25:45.817", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "56C895D3-2949-4B14-B059-F0E29D977982", "versionEndExcluding": "4.1.24", "versionStartIncluding": "4.1.0"}, {"criteria": "cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "027481EF-83CF-40AF-8223-572B7915845F", "versionEndExcluding": "5.0.60", "versionStartIncluding": "5.0.0"}, {"criteria": "cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F5416CD-0CEB-4C41-AE28-2A9C2B5600A7", "versionEndExcluding": "5.1.24", "versionStartIncluding": "5.1.0"}, {"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CA6A87CA-DA11-4B91-A3E9-6437042BDC1A", "versionEndExcluding": "6.0.5", "versionStartIncluding": "6.0.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "5C18C3CD-969B-4AA3-AE3A-BA4A188F8BFF"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "823BF8BE-2309-4F67-A5E2-EAD98F723468"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "C91D2DBF-6DA7-4BA2-9F29-8BD2725A4701"}], "operator": "OR"}]}], "vendorComments": [{"comment": "This issue did not affect MySQL as supplied with Red Hat Enterprise Linux 3.\n\nThis issue was addressed for Red Hat Enterprise Linux 4, 5, and Red Hat Application Stack v1, v2:\nhttps://rhn.redhat.com/cve/CVE-2008-2079.html\n", "lastModified": "2009-09-02T00:00:00", "organization": "Red Hat"}], "evaluatorComment": "Per http://www.securityfocus.com/bid/29106 and http://secunia.com/advisories/32222, this vulnerability is remotely exploitable.", "sourceIdentifier": "secalert@redhat.com"}