Mageni Mageni Security LLC

Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

FreeBSD Ports: mysql-server

Information

Severity

Severity

High

Family

Family

FreeBSD Local Security Checks

CVSSv2 Base

CVSSv2 Base

7.1

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:H/Au:S/C:C/I:C/A:C

Solution Type

Solution Type

Vendor Patch

Created

Created

15 years ago

Modified

Modified

7 years ago

Share

Summary

The remote host is missing an update to the system as announced in the referenced advisory.

Insight

Insight

The following package is affected: mysql-server CVE-2007-5969 MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.

Solution

Solution

Update your system with the appropriate patches or software upgrades. http://bugs.mysql.com/bug.php?id=32111 http://www.vuxml.org/freebsd/8c451386-dff3-11dd-a765-0030843d3802.html

Common Vulnerabilities and Exposures (CVE)