CVE-2006-4226

Related Files

Debian Linux Security Advisory 1169-1

Posted Sep 7, 2006

Authored by Debian | Site debian.org

Debian Security Advisory 1169-1 - Several local vulnerabilities have been discovered in the MySQL database server. Michal Prokopiuk discovered that remote authenticated users are permitted to create and access a database if the lowercase spelling is the same as one they have been granted access to. Beat Vontobel discovered that certain queries replicated to a slave could crash the client and thus terminate the replication.

tags | advisory, remote, local, vulnerability

systems | linux, debian

advisories | CVE-2006-4226, CVE-2006-4380

SHA-256 | 4037e89717a02092b41bc050048fed186c7ef990991d4d70c73933fd330d8b77

Download | Favorite | View

Mandriva Linux Security Advisory 2006.149

Posted Aug 28, 2006

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-149 - MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user's privileges are revoked for the original table, which might violate intended security policy. MySQL 4.1 before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions.

tags | advisory, remote, local

systems | linux, mandriva

advisories | CVE-2006-4031, CVE-2006-4226

SHA-256 | 8a5deb764b1c633185695ddebb9ec526a1ef11db250cce81099d1e2987c38884

Download | Favorite | View