CVE-2007-2691

critical

Description

MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables.

References

https://usn.ubuntu.com/528-1/

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9559

https://exchange.xforce.ibmcloud.com/vulnerabilities/34347

http://www.vupen.com/english/advisories/2008/2780

http://www.vupen.com/english/advisories/2007/1804

http://www.securitytracker.com/id?1018069

http://www.securityfocus.com/bid/31681

http://www.securityfocus.com/bid/24016

http://www.securityfocus.com/archive/1/473874/100/0/threaded

http://www.redhat.com/support/errata/RHSA-2008-0768.html

http://www.redhat.com/support/errata/RHSA-2008-0364.html

http://www.redhat.com/support/errata/RHSA-2007-0894.html

http://www.mandriva.com/security/advisories?name=MDKSA-2007:139

http://www.debian.org/security/2007/dsa-1413

http://support.apple.com/kb/HT3216

http://secunia.com/advisories/32222

http://secunia.com/advisories/31226

http://secunia.com/advisories/30351

http://secunia.com/advisories/28838

http://secunia.com/advisories/27823

http://secunia.com/advisories/27155

http://secunia.com/advisories/26430

http://secunia.com/advisories/26073

http://secunia.com/advisories/25946

http://secunia.com/advisories/25301

http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html

http://lists.mysql.com/announce/470

http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html

http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html

http://bugs.mysql.com/bug.php?id=27515

Details

Source: Mitre, NVD

Published: 2007-05-16

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 4.9

Vector: CVSS2#AV:N/AC:M/Au:S/C:N/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Severity: Critical