NuytsTech Security

CVE-2003-0150

by ·

MySQL 3.23.55 and earlier creates world-writeable files and allows mysql users to gain root privileges by using the "SELECT * INFO OUTFILE" operator to overwrite a configuration file and cause mysql to run as root upon restart, as demonstrated by modifying my.cnf.

Date published : 2003-03-21

http://www.securityfocus.com/bid/7052

http://marc.info/?l=bugtraq&m=104715840202315&w=2

Tags: