
CVE-2008-2079

mysql: privilege escalation via DATA/INDEX DIRECTORY directives

  • Severity Score: 4.6 (CVSS v2)
  • Public Exploits: 1 (Multiple Sources)
  • Exploited in Wild: - (KEV)
  • Decision: - (SSVC)

Descriptions

MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are within the MySQL home data directory, which can point to tables that are created in the future.


*Credits: N/A
CVSS Scores
  • Attack Vector: Network, Attack Complexity: High, Authentication: Single, Confidentiality: Partial, Integrity: Partial, Availability: Partial
  • Attack Vector: Network, Attack Complexity: Medium, Authentication: Single, Confidentiality: Partial, Integrity: Partial, Availability: None
* Common Vulnerability Scoring System
SSVC
  • Decision: -
  • Exploitation: -
  • Automatable: -
  • Tech. Impact: -
* Organization's Worst-case Scenario
Timeline
  • 2008-05-05 CVE Reserved
  • 2008-05-05 CVE Published
  • 2024-03-01 EPSS Updated
  • 2024-08-07 CVE Updated
  • 2024-08-07 First Exploit
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (35)
URL Date SRC
http://bugs.mysql.com/bug.php?id=32167 2024-08-07
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status
Mysql | Mysql | >= 4.1.0 < 4.1.24 | - | Affected
Mysql | Mysql | >= 5.0.0 < 5.0.60 | - | Affected
Mysql | Mysql | >= 5.1.0 < 5.1.24 | - | Affected
Oracle | Mysql | >= 6.0.0 < 6.0.5 | - | Affected
Debian | Debian Linux | 4.0 | - | Affected
Canonical | Ubuntu Linux | 6.06 | lts | Affected
Canonical | Ubuntu Linux | 7.10 | - | Affected
Canonical | Ubuntu Linux | 8.04 | lts | Affected