CVE-2006-4227
Published Aug 18, 2006
Last updated 5 years ago
Overview
- Description
- MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routines in the security context of the routine's definer instead of the routine's caller, which allows remote authenticated users to gain privileges through a routine that has been made available using GRANT EXECUTE.
- Source
- cve@mitre.org
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6.5
- Impact score
- 6.4
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-20
Social media
- Hype score
- Not currently trending
Vendor comments
- Red HatThis issue did not affect the versions of MySQL as shipped with Red Hat Enterprise Linux 2.1, 3, or 4. Issue was addressed in MySQL packages as shipped in Red Hat Enterprise Linux 5 via: https://rhn.redhat.com/errata/RHSA-2008-0364.html
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mysql:mysql:5.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B77A2761-2B44-4061-9C29-A54F90A1AD83"
},
{
"criteria": "cpe:2.3:a:mysql:mysql:5.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5B3AD851-056F-4E57-B85B-4AC5A5A20C0C"
},
{
"criteria": "cpe:2.3:a:mysql:mysql:5.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FD24EA8C-4FCA-4F40-B2EA-7DFA49432483"
},
{
"criteria": "cpe:2.3:a:mysql:mysql:5.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "754B78F2-A03C-40BE-812B-F5E57B93D20B"
},
{
"criteria": "cpe:2.3:a:mysql:mysql:5.0.20:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "665E063D-355D-4A5A-A05F-36BF582DE36F"
},
{
"criteria": "cpe:2.3:a:mysql:mysql:5.0.22.1.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "214E3CF9-6362-4F5A-91B7-5E69564F7144"
},
{
"criteria": "cpe:2.3:a:mysql:mysql:5.0.24:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F4C6CD84-EA5D-451F-AFC3-5F7094F0017D"
},
{
"criteria": "cpe:2.3:a:mysql:mysql:5.1.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "35BED939-3366-4CBF-B6BF-29C0C42E97F7"
},
{
"criteria": "cpe:2.3:a:oracle:mysql:5.0.0:alpha:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "19001041-22C4-4D2C-A918-378DACBB1DF4"
},
{
"criteria": "cpe:2.3:a:oracle:mysql:5.1.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "88FEEE64-899F-4F55-B829-641706E29E32"
},
{
"criteria": "cpe:2.3:a:oracle:mysql:5.1.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5EB2323C-EFE2-407A-9AE9-8717FA9F8625"
},
{
"criteria": "cpe:2.3:a:oracle:mysql:5.1.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6341F695-6034-4CC1-9485-ACD3A0E1A079"
}
],
"operator": "OR"
}
]
}
]