Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2004-0835

Published: 03/11/2004 Updated: 07/10/2019
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 755
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Oracle

Vulnerability Summary

MySQL 3.x prior to 3.23.59, 4.x prior to 4.0.19, 4.1.x prior to 4.1.2, and 5.x prior to 5.0.1, checks the CREATE/INSERT rights of the original table instead of the target table in an ALTER TABLE RENAME operation, which could allow malicious users to conduct unauthorized activities.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

oracle mysql

mysql mysql

debian debian linux 3.0

Vendor Advisories

Red Hat: mysql-server security update
Synopsis mysql-server security update Type/Severity Security Advisory: Important Topic An updated mysql-server package that fixes various security issues is nowavailable in the Red Hat Enterprise Linux 3 Extras channel of Red Hat Network Description MySQL is a multi-user, multi-threaded SQ ...
Red Hat: mysql security update
Synopsis mysql security update Type/Severity Security Advisory: Important Topic Updated mysql packages that fix various security issues, as well as anumber of bugs, are now available for Red Hat Enterprise Linux 21 Description MySQL is a multi-user, multi-threaded SQL database serverA nu ...

Exploits

Exploit DB: MySQL 3.x/4.x - ALTER TABLE/RENAME Forces Old Permission Checks
source: wwwsecurityfocuscom/bid/11357/info MySQL is reported prone to multiple local vulnerabilities Exploiting these issues may allow an attacker to bypass security restrictions or cause a denial-of-service condition in the application Rportedly, an attacker can bypass certain security restrictions and gain access to and corrupt pote ...

References

NVD-CWE-Otherhttp://www.debian.org/security/2004/dsa-562http://www.redhat.com/support/errata/RHSA-2004-597.htmlhttp://www.redhat.com/support/errata/RHSA-2004-611.htmlhttp://www.trustix.org/errata/2004/0054/http://www.gentoo.org/security/en/glsa/glsa-200410-22.xmlhttp://bugs.mysql.com/bug.php?id=3270http://lists.mysql.com/internals/13073http://secunia.com/advisories/12783/http://www.securityfocus.com/bid/11357http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000892http://securitytracker.com/id?1011606http://www.ciac.org/ciac/bulletins/p-018.shtmlhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-101864-1http://www.mysql.org/doc/refman/4.1/en/news-4-0-19.htmlhttp://www.mysql.org/doc/refman/4.1/en/news-4-1-2.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/17666https://access.redhat.com/errata/RHSA-2004:611https://nvd.nist.govhttps://www.exploit-db.com/exploits/24669/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367CVE-2024-35977CVE-2023-49335man-in-the-middleCVE-2024-4947CVE-2024-31714memory leakSQLCVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook