MySQL 5.0.95 MyISAM Table Symbolic Link Local Restriction Bypass

medium Nessus Plugin ID 62927

Synopsis

The remote database server is affected by a local user to bypass privilege certain checks.

Description

The version of MySQL installed may be affected by a symlink-related restriction bypass vulnerability due to a CVE-2009-4030 regression fix being removed in a RedHat 5.0.95 package.

Note that this flaw has no impact if the default basedir and datadir configuration values are unchanged.

Solution

Either configure MySQL to use default values for basedir and datadir configuration variables or upgrade to MySQL version 5.1.41 or later.

See Also

https://bugzilla.redhat.com/show_bug.cgi?id=860808

Plugin Details

Severity: Medium

ID: 62927

File Name: mysql_5_0_95_create_table_bypass.nasl

Version: 1.4

Type: remote

Family: Databases

Published: 11/15/2012

Updated: 7/16/2018

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 4.4

Temporal Score: 3.3

Vector: CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:oracle:mysql, cpe:/a:mysql:mysql

Required KB Items: Settings/ParanoidReport, Settings/PCI_DSS

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 9/26/2012

Reference Information

CVE: CVE-2009-4030, CVE-2012-4452

BID: 55715

CWE: 59