MySQL 3.23.55 and earlier creates world-writeable files and allows MySQL users to gain root privileges by using the SELECT * INTO OUTFILE operator to overwrite a configuration file and cause mysql to run as root upon restart, as demonstrated by modifying my.cnf.

Name | Vendor | Start Version | End Version |
---|---|---|---|
Mysql | Oracle | 3.23.52 (including) | 3.23.52 (including) |
Mysql | Oracle | 3.23.53 (including) | 3.23.53 (including) |
Mysql | Oracle | 3.23.53a (including) | 3.23.53a (including) |
Mysql | Oracle | 3.23.54 (including) | 3.23.54 (including) |
Mysql | Oracle | 3.23.54a (including) | 3.23.54a (including) |
Mysql | Oracle | 3.23.55 (including) | 3.23.55 (including) |
Red Hat Enterprise Linux AS (Advanced Server) version 2.1 | RedHat | * | |
Red Hat Enterprise Linux ES version 2.1 | RedHat | * | |
Red Hat Enterprise Linux WS version 2.1 | RedHat | * | |
Red Hat Linux 7.1 | RedHat | * | |
Red Hat Linux 7.2 | RedHat | * | |
Red Hat Linux 7.3 | RedHat | * | |
Red Hat Linux 8.0 | RedHat | * | |
Red Hat Linux 9 | RedHat | * | |
Red Hat Linux Advanced Workstation 2.1 | RedHat | * | |