CVE-2009-4030

Published: Nov 30, 2009Modified: Apr 23, 2026

4.4

Vector

AV:L/AC:M/Au:N/C:P/I:P/A:P

Exploitability: 3.4 / Impact: 6.4

Source: NVD

Description

MySQL 5.1.x before 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079.

Affected (26)

Products: Mysql: Mysql · Oracle: Mysql

1 product

1 product

Configuration A

26 vulnerable

Vulnerable Software	Affected Versions
Mysql Mysql	Version 5.1.23
Mysql Mysql	Version 5.1.32
Mysql Mysql	Version 5.1.5
Oracle Mysql	Version 5.1.10
Oracle Mysql	Version 5.1.11
Oracle Mysql	Version 5.1.12
Oracle Mysql	Version 5.1.13
Oracle Mysql	Version 5.1.14
Oracle Mysql	Version 5.1.15
Oracle Mysql	Version 5.1.16
Oracle Mysql	Version 5.1.17
Oracle Mysql	Version 5.1.18
Oracle Mysql	Version 5.1.19
Oracle Mysql	Version 5.1.1
Oracle Mysql	Version 5.1.20
Oracle Mysql	Version 5.1.21
Oracle Mysql	Version 5.1.22
Oracle Mysql	Version 5.1.2
Oracle Mysql	Version 5.1.30
Oracle Mysql	Version 5.1.3
Oracle Mysql	Version 5.1.4
Oracle Mysql	Version 5.1.6
Oracle Mysql	Version 5.1.7
Oracle Mysql	Version 5.1.8
Oracle Mysql	Version 5.1.9
Oracle Mysql	Version 5.1

Related CWEs

Improper Link Resolution Before File Access ('Link Following')

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

References (42)

http://bugs.mysql.com/bug.php?id=32167

Source: secalert@redhat.com

http://dev.mysql.com/doc/refman/5.1/en/news-5-1-41.html

Source: secalert@redhat.com

http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html

Source: secalert@redhat.com

http://lists.mysql.com/commits/89940

Source: secalert@redhat.com

http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html

Source: secalert@redhat.com

http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00005.html

Source: secalert@redhat.com

http://marc.info/?l=oss-security&m=125908040022018&w=2

Source: secalert@redhat.com

http://marc.info/?l=oss-security&m=125908080222685&w=2

Source: secalert@redhat.com

http://secunia.com/advisories/38517

Source: secalert@redhat.com

http://secunia.com/advisories/38573

Source: secalert@redhat.com

http://support.apple.com/kb/HT4077

Source: secalert@redhat.com

http://ubuntu.com/usn/usn-897-1

Source: secalert@redhat.com

http://www.debian.org/security/2010/dsa-1997

Source: secalert@redhat.com

http://www.openwall.com/lists/oss-security/2009/11/19/3

Source: secalert@redhat.com

http://www.openwall.com/lists/oss-security/2009/11/24/6

Source: secalert@redhat.com

http://www.redhat.com/support/errata/RHSA-2010-0109.html

Source: secalert@redhat.com

http://www.redhat.com/support/errata/RHSA-2010-0110.html

Source: secalert@redhat.com

http://www.ubuntu.com/usn/USN-1397-1

Source: secalert@redhat.com

http://www.vupen.com/english/advisories/2010/1107

Source: secalert@redhat.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11116

Source: secalert@redhat.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8156

Source: secalert@redhat.com

http://bugs.mysql.com/bug.php?id=32167

Source: af854a3a-2127-422b-91ae-364da2661108

http://dev.mysql.com/doc/refman/5.1/en/news-5-1-41.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.mysql.com/commits/89940

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00005.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://marc.info/?l=oss-security&m=125908040022018&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://marc.info/?l=oss-security&m=125908080222685&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/38517

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/38573

Source: af854a3a-2127-422b-91ae-364da2661108

http://support.apple.com/kb/HT4077

Source: af854a3a-2127-422b-91ae-364da2661108

http://ubuntu.com/usn/usn-897-1

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2010/dsa-1997

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2009/11/19/3

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2009/11/24/6

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2010-0109.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2010-0110.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.ubuntu.com/usn/USN-1397-1

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2010/1107

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11116

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8156

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.