sql/sql_table.cc in MySQL 5.0.x through 5.0.88, 5.1.x through 5.1.41, and 6.0 before 6.0.9-alpha, when the data home directory contains a symlink to a different filesystem, allows remote authenticated users to bypass intended access restrictions by calling CREATE TABLE with a (1) DATA DIRECTORY or (2) INDEX DIRECTORY argument referring to a subdirectory that requires following this symlink.
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Mysql | Mysql | 5.0.0 (including) | 5.0.0 (including) |
| Mysql | Mysql | 5.0.1 (including) | 5.0.1 (including) |
| Mysql | Mysql | 5.0.2 (including) | 5.0.2 (including) |
| Mysql | Mysql | 5.0.3 (including) | 5.0.3 (including) |
| Mysql | Mysql | 5.0.4 (including) | 5.0.4 (including) |
| Mysql | Mysql | 5.0.5 (including) | 5.0.5 (including) |
| Mysql | Mysql | 5.0.5.0.21 (including) | 5.0.5.0.21 (including) |
| Mysql | Mysql | 5.0.10 (including) | 5.0.10 (including) |
| Mysql | Mysql | 5.0.15 (including) | 5.0.15 (including) |
| Mysql | Mysql | 5.0.16 (including) | 5.0.16 (including) |
| Mysql | Mysql | 5.0.17 (including) | 5.0.17 (including) |
| Mysql | Mysql | 5.0.20 (including) | 5.0.20 (including) |
| Mysql | Mysql | 5.0.22.1.0.1 (including) | 5.0.22.1.0.1 (including) |
| Mysql | Mysql | 5.0.24 (including) | 5.0.24 (including) |
| Mysql | Mysql | 5.0.30 (including) | 5.0.30 (including) |
| Mysql | Mysql | 5.0.36 (including) | 5.0.36 (including) |
| Mysql | Mysql | 5.0.44 (including) | 5.0.44 (including) |
| Mysql | Mysql | 5.0.54 (including) | 5.0.54 (including) |
| Mysql | Mysql | 5.0.56 (including) | 5.0.56 (including) |
| Mysql | Mysql | 5.0.60 (including) | 5.0.60 (including) |
| Mysql | Mysql | 5.0.66 (including) | 5.0.66 (including) |
| Mysql | Mysql | 5.0.82 (including) | 5.0.82 (including) |
| Mysql | Mysql | 5.1.5 (including) | 5.1.5 (including) |
| Mysql | Mysql | 5.1.23 (including) | 5.1.23 (including) |
| Mysql | Mysql | 5.1.32 (including) | 5.1.32 (including) |
| Mysql | Mysql | 6.0.9 (including) | 6.0.9 (including) |
| Mysql | Oracle | 5.0.0-alpha (including) | 5.0.0-alpha (including) |
| Mysql | Oracle | 5.0.3-beta (including) | 5.0.3-beta (including) |
| Mysql | Oracle | 5.0.6 (including) | 5.0.6 (including) |
| Mysql | Oracle | 5.0.7 (including) | 5.0.7 (including) |
| Mysql | Oracle | 5.0.8 (including) | 5.0.8 (including) |
| Mysql | Oracle | 5.0.11 (including) | 5.0.11 (including) |
| Mysql | Oracle | 5.0.12 (including) | 5.0.12 (including) |
| Mysql | Oracle | 5.0.13 (including) | 5.0.13 (including) |
| Mysql | Oracle | 5.0.14 (including) | 5.0.14 (including) |
| Mysql | Oracle | 5.0.18 (including) | 5.0.18 (including) |
| Mysql | Oracle | 5.0.19 (including) | 5.0.19 (including) |
| Mysql | Oracle | 5.0.21 (including) | 5.0.21 (including) |
| Mysql | Oracle | 5.0.22 (including) | 5.0.22 (including) |
| Mysql | Oracle | 5.0.23 (including) | 5.0.23 (including) |
| Mysql | Oracle | 5.0.25 (including) | 5.0.25 (including) |
| Mysql | Oracle | 5.0.26 (including) | 5.0.26 (including) |
| Mysql | Oracle | 5.0.27 (including) | 5.0.27 (including) |
| Mysql | Oracle | 5.0.30-sp1 (including) | 5.0.30-sp1 (including) |
| Mysql | Oracle | 5.0.32 (including) | 5.0.32 (including) |
| Mysql | Oracle | 5.0.33 (including) | 5.0.33 (including) |
| Mysql | Oracle | 5.0.37 (including) | 5.0.37 (including) |
| Mysql | Oracle | 5.0.38 (including) | 5.0.38 (including) |
| Mysql | Oracle | 5.0.41 (including) | 5.0.41 (including) |
| Mysql | Oracle | 5.0.42 (including) | 5.0.42 (including) |
| Mysql | Oracle | 5.0.45 (including) | 5.0.45 (including) |
| Mysql | Oracle | 5.0.50 (including) | 5.0.50 (including) |
| Mysql | Oracle | 5.0.51 (including) | 5.0.51 (including) |
| Mysql | Oracle | 5.0.52 (including) | 5.0.52 (including) |
| Mysql | Oracle | 5.0.75 (including) | 5.0.75 (including) |
| Mysql | Oracle | 5.0.77 (including) | 5.0.77 (including) |
| Mysql | Oracle | 5.0.81 (including) | 5.0.81 (including) |
| Mysql | Oracle | 5.0.83 (including) | 5.0.83 (including) |
| Mysql | Oracle | 5.1 (including) | 5.1 (including) |
| Mysql | Oracle | 5.1.1 (including) | 5.1.1 (including) |
| Mysql | Oracle | 5.1.2 (including) | 5.1.2 (including) |
| Mysql | Oracle | 5.1.3 (including) | 5.1.3 (including) |
| Mysql | Oracle | 5.1.4 (including) | 5.1.4 (including) |
| Mysql | Oracle | 5.1.6 (including) | 5.1.6 (including) |
| Mysql | Oracle | 5.1.7 (including) | 5.1.7 (including) |
| Mysql | Oracle | 5.1.8 (including) | 5.1.8 (including) |
| Mysql | Oracle | 5.1.9 (including) | 5.1.9 (including) |
| Mysql | Oracle | 5.1.10 (including) | 5.1.10 (including) |
| Mysql | Oracle | 5.1.11 (including) | 5.1.11 (including) |
| Mysql | Oracle | 5.1.12 (including) | 5.1.12 (including) |
| Mysql | Oracle | 5.1.13 (including) | 5.1.13 (including) |
| Mysql | Oracle | 5.1.14 (including) | 5.1.14 (including) |
| Mysql | Oracle | 5.1.15 (including) | 5.1.15 (including) |
| Mysql | Oracle | 5.1.16 (including) | 5.1.16 (including) |
| Mysql | Oracle | 5.1.17 (including) | 5.1.17 (including) |
| Mysql | Oracle | 5.1.18 (including) | 5.1.18 (including) |
| Mysql | Oracle | 5.1.19 (including) | 5.1.19 (including) |
| Mysql | Oracle | 5.1.20 (including) | 5.1.20 (including) |
| Mysql | Oracle | 5.1.21 (including) | 5.1.21 (including) |
| Mysql | Oracle | 5.1.22 (including) | 5.1.22 (including) |
| Mysql | Oracle | 5.1.30 (including) | 5.1.30 (including) |
| Mysql | Oracle | 6.0.0 (including) | 6.0.0 (including) |
| Mysql | Oracle | 6.0.1 (including) | 6.0.1 (including) |
| Mysql | Oracle | 6.0.2 (including) | 6.0.2 (including) |
| Mysql | Oracle | 6.0.3 (including) | 6.0.3 (including) |
| Mysql | Oracle | 6.0.4 (including) | 6.0.4 (including) |
| Mysql-5.1 | Ubuntu | devel | * |
| Mysql-5.1 | Ubuntu | maverick | * |
| Mysql-dfsg | Ubuntu | dapper | * |
| Mysql-dfsg-4.1 | Ubuntu | dapper | * |
| Mysql-dfsg-5.1 | Ubuntu | jaunty | * |
| Mysql-dfsg-5.1 | Ubuntu | karmic | * |
| Mysql-dfsg-5.1 | Ubuntu | lucid | * |