Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2010-2008

Опубликовано: 13 июл. 2010
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 3.5

Описание

MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# string followed by a . (dot), .. (dot dot), ../ (dot dot slash) or similar sequence, and an UPGRADE DATA DIRECTORY NAME command, which causes MySQL to move certain directories to the server data directory.

РелизСтатусПримечание
dapper

DNE

devel

released

5.1.48-1ubuntu1
hardy

DNE

jaunty

DNE

karmic

DNE

lucid

DNE

maverick

released

5.1.48-1ubuntu1
upstream

released

5.1.48, 5.5.5

Показывать по

РелизСтатусПримечание
dapper

not-affected

devel

DNE

hardy

DNE

jaunty

DNE

karmic

DNE

lucid

DNE

maverick

DNE

upstream

not-affected

Показывать по

РелизСтатусПримечание
dapper

not-affected

devel

DNE

hardy

not-affected

jaunty

not-affected

karmic

not-affected

lucid

DNE

maverick

DNE

upstream

not-affected

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

DNE

hardy

DNE

jaunty

ignored

end of life
karmic

released

5.1.37-1ubuntu5.5
lucid

released

5.1.41-3ubuntu12.7
maverick

DNE

upstream

released

5.1.48

Показывать по

Ссылки на источники

EPSS

Процентиль: 87%
0.03606
Низкий

3.5 Low

CVSS2

Связанные уязвимости

redhat логотип

CVE-2010-2008

redhat
больше 15 лет назад

MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# string followed by a . (dot), .. (dot dot), ../ (dot dot slash) or similar sequence, and an UPGRADE DATA DIRECTORY NAME command, which causes MySQL to move certain directories to the server data directory.

nvd логотип

CVE-2010-2008

nvd
больше 15 лет назад

MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# string followed by a . (dot), .. (dot dot), ../ (dot dot slash) or similar sequence, and an UPGRADE DATA DIRECTORY NAME command, which causes MySQL to move certain directories to the server data directory.

debian логотип

CVE-2010-2008

debian
больше 15 лет назад

MySQL before 5.1.48 allows remote authenticated users with alter datab ...

github логотип

GHSA-x8g4-4q7f-5fwx

github
больше 3 лет назад

MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# string followed by a . (dot), .. (dot dot), ../ (dot dot slash) or similar sequence, and an UPGRADE DATA DIRECTORY NAME command, which causes MySQL to move certain directories to the server data directory.

EPSS

Процентиль: 87%
0.03606
Низкий

3.5 Low

CVSS2