MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Mysql_server | Mysql | 5.1.22 (including) | 5.1.22 (including) |
| Mysql_server | Mysql | 6.0 (including) | 6.0 (including) |
| Mysql_server | Mysql | 6.0.1 (including) | 6.0.1 (including) |
| Mysql_server | Mysql | 6.0.2 (including) | 6.0.2 (including) |
| Mysql_server | Mysql | 6.0.3 (including) | 6.0.3 (including) |
| Mysql-dfsg-5.0 | Ubuntu | dapper | * |
| Mysql-dfsg-5.0 | Ubuntu | edgy | * |
| Mysql-dfsg-5.0 | Ubuntu | feisty | * |
| Mysql-dfsg-5.0 | Ubuntu | gutsy | * |
| Mysql-dfsg-5.0 | Ubuntu | upstream | * |
| Red Hat Enterprise Linux 4 | RedHat | mysql-0:4.1.20-3.RHEL4.1.el4_6.1 | * |
| Red Hat Enterprise Linux 5 | RedHat | mysql-0:5.0.22-2.2.el5_1.1 | * |
| Red Hat Web Application Stack for RHEL 4 | RedHat | mysql-0:5.0.44-2.el4s1.1 | * |