REDHAT-BUG-454077
First published: Fri Jul 04 2008(Updated: )
Devin Carraway of the Debian Security Team discovered that the upstream fix for the <a href="https://access.redhat.com/security/cve/CVE-2008-2079">CVE-2008-2079</a> is incomplete and still makes it possible for local users to create tables via INDEX/DATA DIRECTORY directives in the MySQL data directory (/var/lib/mysql) via directory symlinks. <a href="http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480292#25">http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480292#25</a> <a href="https://access.redhat.com/security/cve/CVE-2008-2079">CVE-2008-2079</a> was tracked via bug <a class="bz_bug_link bz_status_CLOSED bz_closed bz_public " title="CLOSED ERRATA - CVE-2008-2079 mysql: privilege escalation via DATA/INDEX DIRECTORY directives" href="show_bug.cgi?id=445222">bug #445222</a>. An attacker needs following to exploit this issue: - MySQL database account with privileges to create tables - shell access to the host running MySQL database with write access to a directory accessible by the mysqld daemon process
| Affected Software | Affected Version | How to fix |
|---|---|---|
| MySQL Server |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://access.redhat.com/security/cve/CVE-2008-2079
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480292#25
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=445222
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=311275&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=311275&action=edit
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480292#42
- http://bugs.mysql.com/bug.php?id=32167
- http://lists.mysql.com/commits/52326
- http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-70.html
- http://dev.mysql.com/doc/refman/5.1/en/news-5-1-28.html
- https://access.redhat.com/security/cve/CVE-2008-4098
- https://rhn.redhat.com/errata/RHSA-2009-1067.html
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=378566&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=378566&action=edit
- http://bazaar.launchpad.net/~mysql/mysql-server/mysql-4.1/revision/2705
- https://rhn.redhat.com/errata/RHSA-2010-0110.html
- https://bugzilla.redhat.com/show_bug.cgi?id=454077
Frequently Asked Questions
What is the severity of REDHAT-BUG-454077?
The severity of REDHAT-BUG-454077 is considered high due to the potential for local users to exploit the vulnerability.
How do I fix REDHAT-BUG-454077?
To fix REDHAT-BUG-454077, ensure that you apply the latest security patches for MySQL provided by your vendor.
What systems are affected by REDHAT-BUG-454077?
REDHAT-BUG-454077 affects MySQL server installations where local users may create specific directory directives.
Who discovered the vulnerability identified by REDHAT-BUG-454077?
The vulnerability identified by REDHAT-BUG-454077 was discovered by Devin Carraway of the Debian Security Team.
Is there an upstream fix for the issues related to REDHAT-BUG-454077?
The upstream fix for the issues related to REDHAT-BUG-454077 is incomplete, allowing for continued exploitation.
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2008-4098
- agent/source
- agent/severity
- agent/references
- agent/description
- agent/event
- agent/tags
- agent/softwarecombine
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/mysql
- canonical/mysql server