CVE-2008-2079
mysql: privilege escalation via DATA/INDEX DIRECTORY directives
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are within the MySQL home data directory, which can point to tables that are created in the future.
MySQL 4.1.x anterior a 4.1.24, 5.0.x antes de 5.0.60, 5.1.x anterior a 5.1.24 y 6.0.x antes de 6.0.5 permite a usuarios locales evitar ciertas comprobaciones de privilegios llamando a CREATE TABLE en una tabla MyISAM con argumentos (1) DATA DIRECTORY or (2) INDEX DIRECTORY modificados que están dentro del directorio MySQL home data, que puede apuntar a tablas que se crearán en el futuro.
Multiple buffer overflows in yaSSL, which is used in MySQL, allowed remote attackers to execute arbitrary code. a denial of service via a special Hello packet. Sergei Golubchik found that MySQL did not properly validate optional data or index directory paths given in a CREATE TABLE statement; as well it would not, under certain conditions, prevent two databases from using the same paths for data or index files. This could allow an authenticated user with appropriate privilege to create tables in one database to read and manipulate data in tables later created in other databases, regardless of GRANT privileges. The updated packages have been patched to correct these issues.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2008-05-05 CVE Reserved
- 2008-05-05 CVE Published
- 2024-08-07 CVE Updated
- 2024-08-07 First Exploit
- 2025-07-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (35)
| URL | Tag | Source |
|---|---|---|
| http://secunia.com/advisories/30134 | Third Party Advisory | |
| http://secunia.com/advisories/31066 | Third Party Advisory | |
| http://secunia.com/advisories/31226 | Third Party Advisory | |
| http://secunia.com/advisories/31687 | Third Party Advisory | |
| http://secunia.com/advisories/32222 | Third Party Advisory | |
| http://secunia.com/advisories/32769 | Third Party Advisory | |
| http://secunia.com/advisories/36566 | Third Party Advisory | |
| http://secunia.com/advisories/36701 | Third Party Advisory | |
| http://support.apple.com/kb/HT3216 | Third Party Advisory |
|
| http://support.apple.com/kb/HT3865 | Third Party Advisory |
|
| http://www.securitytracker.com/id?1019995 | Third Party Advisory | |
| http://www.vupen.com/english/advisories/2008/1472/references | Third Party Advisory | |
| http://www.vupen.com/english/advisories/2008/2780 | Third Party Advisory | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/42267 | Third Party Advisory | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10133 | Signature |
| URL | Date | SRC |
|---|---|---|
| http://bugs.mysql.com/bug.php?id=32167 | 2024-08-07 |
| URL | Date | SRC |
|---|---|---|
| http://www.securityfocus.com/bid/29106 | 2019-12-17 | |
| http://www.securityfocus.com/bid/31681 | 2019-12-17 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Mysql Search vendor "Mysql" | Mysql Search vendor "Mysql" for product "Mysql" | >= 4.1.0 < 4.1.24 Search vendor "Mysql" for product "Mysql" and version " >= 4.1.0 < 4.1.24" | - |
Affected
| ||||||
| Mysql Search vendor "Mysql" | Mysql Search vendor "Mysql" for product "Mysql" | >= 5.0.0 < 5.0.60 Search vendor "Mysql" for product "Mysql" and version " >= 5.0.0 < 5.0.60" | - |
Affected
| ||||||
| Mysql Search vendor "Mysql" | Mysql Search vendor "Mysql" for product "Mysql" | >= 5.1.0 < 5.1.24 Search vendor "Mysql" for product "Mysql" and version " >= 5.1.0 < 5.1.24" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Mysql Search vendor "Oracle" for product "Mysql" | >= 6.0.0 < 6.0.5 Search vendor "Oracle" for product "Mysql" and version " >= 6.0.0 < 6.0.5" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 4.0 Search vendor "Debian" for product "Debian Linux" and version "4.0" | - |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 6.06 Search vendor "Canonical" for product "Ubuntu Linux" and version "6.06" | lts |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 7.10 Search vendor "Canonical" for product "Ubuntu Linux" and version "7.10" | - |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 8.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "8.04" | lts |
Affected
| ||||||