Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0407

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2001-0407
Last Modified 05 Sep 2008 04:24:01
Published 27 Jun 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2001-0407

Summary

Directory traversal vulnerability in MySQL before 3.23.36 allows local users to modify arbitrary files and gain privileges by creating a database whose name starts with .. (dot dot).

Vulnerable Systems

Application

  • Mysql 3.23.36


References

BUGTRAQ - 20010327 MySQL 3.23.36 is relased (fwd)

BUGTRAQ - 20010318 potential vulnerability of mysqld running with root privileges (can be used as good DoS or r00t expoloit)

XF - mysql-dot-directory-traversal(6617)

BID - 2522


Last Updated: 27 May 2016 10:36:15