Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

CVE-2003-0150

CVE information

Published

21 years ago

Last Modified

4 years ago

CVSSv2.0 Severity

High

Impact Analysis

Description

MySQL 3.23.55 and earlier creates world-writeable files and allows mysql users to gain root privileges by using the "SELECT * INFO OUTFILE" operator to overwrite a configuration file and cause mysql to run as root upon restart, as demonstrated by modifying my.cnf..

CVSSv2.0 Score

Severity
High
Base Score
9/10
Exploit Score
8/10
Access Vector
Network
Access Complexity
Low
Authentication Required
Single
Impact Score
10/10
Confidentiality Impact
Complete
Availability Impact
Complete
Integrity Impact
Complete

Products Affected

CPE Affected Vulnerable Excluding Edit
cpe:2.3:a:oracle:mysql:3.23.52:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:oracle:mysql:3.23.53:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:oracle:mysql:3.23.53a:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:oracle:mysql:3.23.54:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:oracle:mysql:3.23.54a:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:oracle:mysql:3.23.55:*:*:*:*:*:*:*
  Yes
- -