MySQL RENAME privilege escalation
news
/
advisories
/
forum
/
software
/
advertising
/
search
/
exploits
[EN]
securityvulns.ru
no-pyccku
MySQL RENAME privilege escalation
Published:
05.07.2007
Source:
CVE
SecurityVulns ID:
7893
Type:
local
Level:
5
/10
Description:
DROP permission is not checked during RENAME operation.
Affected:
MYSQL
:
MySQL 4.0
MYSQL
:
MySQL 4.1
ORACLE
:
MySQL 5.0
ORACLE
:
MySQL 5.1
CVE:
CVE-2007-2691
(MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables.)
Discuss:
Read or add your comments to this news (0 comments)
About
|
Terms of use
|
Privacy Policy
©
SecurityVulns
,
3APA3A
, Vladimir Dubrovin
Nizhny Novgorod
Enter your search terms
Web
securityvulns.com
Submit search form
