CVE-2005-2558
https://notcve.org/view.php?id=CVE-2005-2558
Stack-based buffer overflow in the init_syms function in MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta allows remote authenticated users who can create user-defined functions to execute arbitrary code via a long function_name field. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.18.1/SCOSA-2006.18.1.txt http://lists.grok.org.uk/pipermail/full-disclosure/2005-August/035845.html http://marc.info/?l=bugtraq&m=112354450412427&w=2 http://secunia.com/advisories/17027 http://secunia.com/advisories/20381 http://secunia.com/advisories/29847 http://sunsolve.sun.com/search/document.do?assetkey=1-26-236703-1 http://www.appsecinc.com/resources/alerts/mysql/2005-002.html http://www.debian.org/security/ •
CVE-2005-1636
https://notcve.org/view.php?id=CVE-2005-1636
mysql_install_db in MySQL 4.1.x before 4.1.12 and 5.x up to 5.0.4 creates the mysql_install_db.X file with a predictable filename and insecure permissions, which allows local users to execute arbitrary SQL commands by modifying the file's contents. • http://marc.info/?l=full-disclosure&m=111632686805498&w=2 http://secunia.com/advisories/15369 http://secunia.com/advisories/17080 http://www.mandriva.com/security/advisories?name=MDKSA-2006:045 http://www.redhat.com/support/errata/RHSA-2005-685.html http://www.securityfocus.com/bid/13660 http://www.zataz.net/adviso/mysql-05172005.txt https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=158688 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3 •
CVE-2005-0004
https://notcve.org/view.php?id=CVE-2005-0004
The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and other versions including 3.x, allows local users to overwrite arbitrary files or read temporary files via a symlink attack on temporary files. El script mysqlaccess de MySQL 4.0.23 y anteriores, 4.1.x anteriores a 4.1.10, 5.0.x anteriores a 5.0.3, y otras versiones incluyendo 3.x permite a usuarios locales sobreescribir ficheros arbitrariamente o leer ficheros temporales mediante un enlace de enlaces simbólicos (symlink) en ficheros temporales. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000947 http://lists.mysql.com/internals/20600 http://marc.info/?l=bugtraq&m=110608297217224&w=2 http://mysql.osuosl.org/doc/mysql/en/News-4.1.10.html http://secunia.com/advisories/13867 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101864-1 http://www.debian.org/security/2005/dsa-647 http://www.mandriva.com/security/advisories?name=MDKSA-2005:036 http://www.securityfocus.com/bid/12277 https: • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVE-2004-0835 – MySQL 3.x/4.x - ALTER TABLE/RENAME Forces Old Permission Checks
https://notcve.org/view.php?id=CVE-2004-0835
MySQL 3.x before 3.23.59, 4.x before 4.0.19, 4.1.x before 4.1.2, and 5.x before 5.0.1, checks the CREATE/INSERT rights of the original table instead of the target table in an ALTER TABLE RENAME operation, which could allow attackers to conduct unauthorized activities. MySQL 4 anteriores a 4.0.21 y 3.x anteriores a 3.23.49 comprueban los derechos CREATE/INSERT de la tabla original en lugar de los de la tabla de destino en una operación ALTER TABLE RANAME, lo que podría permitir a atacantes realizar actividades no permitidas. • https://www.exploit-db.com/exploits/24669 http://bugs.mysql.com/bug.php?id=3270 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000892 http://lists.mysql.com/internals/13073 http://secunia.com/advisories/12783 http://securitytracker.com/id?1011606 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101864-1 http://www.ciac.org/ciac/bulletins/p-018.shtml http://www.debian.org/security/2004/dsa-562 http://www.gentoo.org/security/en/glsa/glsa-200 •
CVE-2004-0388
https://notcve.org/view.php?id=CVE-2004-0388
The mysqld_multi script in MySQL allows local users to overwrite arbitrary files via a symlink attack. • http://dev.mysql.com/doc/mysql/en/news-4-1-2.html http://marc.info/?l=bugtraq&m=108206802810402&w=2 http://secunia.com/advisories/11223 http://security.gentoo.org/glsa/glsa-200405-20.xml http://securitytracker.com/id?1009784 http://www.ciac.org/ciac/bulletins/p-018.shtml http://www.debian.org/security/2004/dsa-483 http://www.mandriva.com/security/advisories?name=MDKSA-2004:034 http://www.osvdb.org/6421 http://www.redhat.com/support/errata/RHSA-2004-5 •