CVE-2007-6303 – mysql: DEFINER value of view not altered on ALTER VIEW
https://notcve.org/view.php?id=CVE-2007-6303
MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered, which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW statement and an ALTER VIEW statement. MySQL versiones 5.0.x anteriores a 5.0.51a, versiones 5.1.x anteriores a 5.1.23 y versiones 6.0.x anteriores a 6.0.4, no actualizan el valor DEFINER de una vista cuando se modifica la vista, lo que permite a usuarios remotos autenticados alcanzar privilegios por medio de una secuencia de sentencias, incluyendo una sentencia CREATE SQL SECURITY DEFINER VIEW y una sentencia ALTER VIEW. • http://bugs.mysql.com/bug.php?id=29908 http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html http://lists.mysql.com/announce/502 http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html http://secunia.com/advisories/28025 http://secunia.com/advisories/28063 http://secunia.com/advisories/28739 http:/ •
CVE-2007-6304
https://notcve.org/view.php?id=CVE-2007-6304
The federated engine in MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4, when performing a certain SHOW TABLE STATUS query, allows remote MySQL servers to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the minimum required number of columns. El motor federated en MySQL versiones 5.0.x anteriores a 5.0.51a, versiones 5.1.x anteriores a 5.1.23 y versiones 6.0.x anteriores a 6.0.4, al realizar una determinada consulta SHOW TABLE STATUS, permite a los servidores MySQL remotos causar una denegación de servicio (bloqueo del manejador de federated y bloqueo del demonio) por medio de una respuesta que carece del número mínimo necesario de columnas. • http://bugs.mysql.com/bug.php?id=29801 http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html http://lists.mysql.com/announce/502 http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html http://osvdb.org/42609 http://secunia.com/advisories/28063 http://secunia.com/advisories/28128 http://secunia. •
CVE-2007-5970
https://notcve.org/view.php?id=CVE-2007-5970
MySQL 5.1.x before 5.1.23 and 6.0.x before 6.0.4 allows remote authenticated users to gain privileges on arbitrary tables via unspecified vectors involving use of table-level DATA DIRECTORY and INDEX DIRECTORY options when creating a partitioned table with the same name as a table on which the user lacks privileges. MySQL 5.1.x versiones anteriores a 5.1.23, y 6.0.x versiones anteriores a 6.0.4, permite a usuarios remotos autenticados obtener privilegios en tablas de su elección mediante vectores no especificados involucrando el uso a nivel de tabla de opciones DATA DIRECTORY e INDEX DIRECTORY cuando se crea una tabla particionada con el mismo nombre que una tabla en la que el usuario no tiene privilegios. • http://bugs.mysql.com/bug.php?id=32091 http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html http://osvdb.org/42607 http://securitytracker.com/id?1019084 http://www.vupen.com/english/advisories/2008/0560/references https://exchange.xforce.ibmcloud.com/vulnerabilities/38988 •
CVE-2007-5925 – MySQL 5.1.23 - Server InnoDB CONVERT_SEARCH_MODE_TO_INNOBASE Function Denial of Service
https://notcve.org/view.php?id=CVE-2007-5925
The convert_search_mode_to_innobase function in ha_innodb.cc in the InnoDB engine in MySQL 5.1.23-BK and earlier allows remote authenticated users to cause a denial of service (database crash) via a certain CONTAINS operation on an indexed column, which triggers an assertion error. La función convert_search_mode_to_innobase del ha_innodb.cc en el motor InnoDB del 5.1.23-BK y versiones anteriores permite a usuarios remotos autenticados provocar una denegación de servicio (caída de la base de datos) a través de ciertas operaciones CONTAINS sobre un índice de una columna, lo que dispara una afirmación de error. • https://www.exploit-db.com/exploits/30744 http://bugs.gentoo.org/show_bug.cgi?id=198988 http://bugs.mysql.com/bug.php?id=32125 http://lists.grok.org.uk/pipermail/full-disclosure/2007-November/067350.html http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html http://secunia.com/advisories/27568 http://secunia.com/advisories/27649 http://secunia.com/advisories/27823 http://secunia.com/advisories/28025 http://secunia.com/advisories/28040 http://secunia. • CWE-20: Improper Input Validation •
CVE-2007-2693
https://notcve.org/view.php?id=CVE-2007-2693
MySQL before 5.1.18 allows remote authenticated users without SELECT privileges to obtain sensitive information from partitioned tables via an ALTER TABLE statement. MySQL anterior a 5.1.18 permite a usuarios autenticados remotamente sin privilegios SELECT obtener información sensible desde tablas particionadas mediante una sentencia ALTER TABLE. • http://bugs.mysql.com/bug.php?id=23675 http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html http://secunia.com/advisories/25301 http://www.securityfocus.com/bid/24008 http://www.securitytracker.com/id?1018071 http://www.vupen.com/english/advisories/2007/1804 https://exchange.xforce.ibmcloud.com/vulnerabilities/34349 •