CVE-2003-0150
Published Mar 24, 2003
Last updated 5 years ago
Overview
- Description
- MySQL 3.23.55 and earlier creates world-writeable files and allows mysql users to gain root privileges by using the "SELECT * INFO OUTFILE" operator to overwrite a configuration file and cause mysql to run as root upon restart, as demonstrated by modifying my.cnf.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 9
- Impact score
- 10
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:mysql:3.23.52:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "50FC2146-5BC0-4CA6-8700-5877C01B777D"
},
{
"criteria": "cpe:2.3:a:oracle:mysql:3.23.53:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F79AFBCE-FFF7-4348-BE17-42A7978E17E8"
},
{
"criteria": "cpe:2.3:a:oracle:mysql:3.23.53a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6A3C056E-EEB9-4B95-A155-F71B80B9695D"
},
{
"criteria": "cpe:2.3:a:oracle:mysql:3.23.54:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C1AB3865-4ABC-4B5A-8C4F-65C6E5B2E956"
},
{
"criteria": "cpe:2.3:a:oracle:mysql:3.23.54a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2EFB2D10-E255-4DD3-BF03-217803CDED24"
},
{
"criteria": "cpe:2.3:a:oracle:mysql:3.23.55:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "436D90B0-C839-4B9F-853D-51C34459A11F"
}
],
"operator": "OR"
}
]
}
]