CVE-2003-0150

MySQL 3.23.x - 'mysqld' Local Privilege Escalation

Severity Score

9.0

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

MySQL 3.23.55 and earlier creates world-writeable files and allows mysql users to gain root privileges by using the "SELECT * INFO OUTFILE" operator to overwrite a configuration file and cause mysql to run as root upon restart, as demonstrated by modifying my.cnf.

MySQL 3.23.55 y anteriores crean ficheros escribibles por todos los usuarios y permite a usuarios de MySQL ganar privilegios de root usando el operados "SELECT * INFO OUTFILE" para sobreescribir un fichero de configuración y hacer que mysql corra como root al reiniciar.

MySQL versions 5.7.15 and below, 5.6.33 and below, and 5.5.52 and below suffer from remote root code execution and privilege escalation vulnerabilities.

*Credits: N/A

CVSS Scores

NISTv2 9.0

Attack Vector

Network

Attack Complexity

Low

Authentication

Single

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2003-03-08 First Exploit
2003-03-18 CVE Reserved
2003-03-21 CVE Published
2024-07-29 EPSS Updated
2024-08-08 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CAPEC

References (17)

URL	Tag	Source
http://marc.info/?l=bugtraq&m=104715840202315&w=2	Mailing List
http://marc.info/?l=bugtraq&m=104739810523433&w=2	Mailing List
http://marc.info/?l=bugtraq&m=104800948128630&w=2	Mailing List
http://marc.info/?l=bugtraq&m=104802285012750&w=2	Mailing List
http://www.kb.cert.org/vuls/id/203897	Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/11510	Vdb Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A442	Signature

URL	Date	SRC
https://www.exploit-db.com/exploits/22340	2003-03-08
http://www.securityfocus.com/bid/7052	2024-08-08

URL	Date	SRC

URL	Date	SRC
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000743	2019-10-07
http://rhn.redhat.com/errata/RHSA-2003-094.html	2019-10-07
http://www.debian.org/security/2003/dsa-303	2019-10-07
http://www.linuxsecurity.com/advisories/engarde_advisory-3046.html	2019-10-07
http://www.mandriva.com/security/advisories?name=MDKSA-2003:057	2019-10-07
http://www.redhat.com/support/errata/RHSA-2003-093.html	2019-10-07
https://access.redhat.com/security/cve/CVE-2003-0150	2003-05-15
https://bugzilla.redhat.com/show_bug.cgi?id=1616987	2003-05-15

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Oracle Search vendor "Oracle"		Mysql Search vendor "Oracle" for product "Mysql"				3.23.52 Search vendor "Oracle" for product "Mysql" and version "3.23.52"		-		Affected
Oracle Search vendor "Oracle"		Mysql Search vendor "Oracle" for product "Mysql"				3.23.53 Search vendor "Oracle" for product "Mysql" and version "3.23.53"		-		Affected
Oracle Search vendor "Oracle"		Mysql Search vendor "Oracle" for product "Mysql"				3.23.53a Search vendor "Oracle" for product "Mysql" and version "3.23.53a"		-		Affected
Oracle Search vendor "Oracle"		Mysql Search vendor "Oracle" for product "Mysql"				3.23.54 Search vendor "Oracle" for product "Mysql" and version "3.23.54"		-		Affected
Oracle Search vendor "Oracle"		Mysql Search vendor "Oracle" for product "Mysql"				3.23.54a Search vendor "Oracle" for product "Mysql" and version "3.23.54a"		-		Affected
Oracle Search vendor "Oracle"		Mysql Search vendor "Oracle" for product "Mysql"				3.23.55 Search vendor "Oracle" for product "Mysql" and version "3.23.55"		-		Affected