Описание
Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to bypass intended table grants to read field definitions of arbitrary tables, and on 5.1 to read or delete content of arbitrary tables, via a .. (dot dot) in a table name.
Отчет
The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw for Red Hat Enterprise Linux 3 and 4 mysql packages.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 3 | mysql | Affected | ||
| Red Hat Enterprise Linux 6 | mysql | Not affected | ||
| Red Hat Enterprise Linux 4 | mysql | Fixed | RHSA-2010:0824 | 03.11.2010 |
| Red Hat Enterprise Linux 5 | mysql | Fixed | RHSA-2010:0442 | 26.05.2010 |
Показывать по
Дополнительная информация
Статус:
EPSS
6.5 Medium
CVSS2
Связанные уязвимости
Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to bypass intended table grants to read field definitions of arbitrary tables, and on 5.1 to read or delete content of arbitrary tables, via a .. (dot dot) in a table name.
Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to bypass intended table grants to read field definitions of arbitrary tables, and on 5.1 to read or delete content of arbitrary tables, via a .. (dot dot) in a table name.
Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 ...
Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to bypass intended table grants to read field definitions of arbitrary tables, and on 5.1 to read or delete content of arbitrary tables, via a .. (dot dot) in a table name.
EPSS
6.5 Medium
CVSS2