NVD

Id
2014  
Name
CVE-2008-2079  
Description
MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are within the MySQL home data directory, which can point to tables that are created in the future.  
Reject
 
CVSS Version
2  
CVSS Score
4.6  
Severity
Medium  
CVSS Base Score
4.6  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
3.9  
CVSS Vector
(AV:N/AC:H/Au:S/C:P/I:P/A:P)  
Pub Date
2017-01-03  
Published
2008-05-05  
Modified Date
2013-01-22  
Seq
2008-2079  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
12912 2014 CVE-2008-2079 http://bugs.mysql.com/bug.php?id=32167  View
12913 2014 CVE-2008-2079 http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html  View
12914 2014 CVE-2008-2079 http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-60.html  View
12915 2014 CVE-2008-2079 http://dev.mysql.com/doc/refman/5.1/en/news-5-1-24.html  View
12916 2014 CVE-2008-2079 http://dev.mysql.com/doc/refman/6.0/en/news-6-0-5.html  View
12917 2014 CVE-2008-2079 APPLE-SA-2008-10-09  View
12918 2014 CVE-2008-2079 APPLE-SA-2009-09-10-2  View
12919 2014 CVE-2008-2079 SUSE-SR:2008:017  View
12920 2014 CVE-2008-2079 oval:org.mitre.oval:def:10133  View
12921 2014 CVE-2008-2079 http://support.apple.com/kb/HT3216  View
12922 2014 CVE-2008-2079 http://support.apple.com/kb/HT3865  View
12923 2014 CVE-2008-2079 DSA-1608  View
12924 2014 CVE-2008-2079 MDVSA-2008:149  View
12925 2014 CVE-2008-2079 MDVSA-2008:150  View
12926 2014 CVE-2008-2079 RHSA-2008:0505  View
12927 2014 CVE-2008-2079 RHSA-2008:0510  View
12928 2014 CVE-2008-2079 RHSA-2008:0768  View
12929 2014 CVE-2008-2079 RHSA-2009:1289  View
12930 2014 CVE-2008-2079 29106  View
12931 2014 CVE-2008-2079 31681  View
12932 2014 CVE-2008-2079 1019995  View
12933 2014 CVE-2008-2079 USN-671-1  View
12934 2014 CVE-2008-2079 ADV-2008-1472  View
12935 2014 CVE-2008-2079 ADV-2008-2780  View
12936 2014 CVE-2008-2079 mysql-myisam-security-bypass(42267)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
52474 JVNDB-2007-001166 MySQL の MyISAM テーブルにおける権限チェック回避の脆弱性 MySQL には、将来作成されるテーブルをポイント可能な MySQL ホームデータディレクトリ内 DATA DIRECTORY 引数や INDEX DIRECTORY 引数を修正した MyISAM テーブル上で、CREATE TABLE を呼び出すことで、権限チェックを適切に行わない脆弱性が存在します。 CVE-2008-2079 32192 CVE-2008-2079 2014 6.8 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-001166.html 2007-11-07 2009-12-24 View