MySQL prior to 4.1.23, 5.0.x prior to 5.0.42, and 5.1.x prior to 5.1.18 does not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mysql mysql |
||
debian debian linux 3.1 |
||
debian debian linux 4.0 |
||
canonical ubuntu linux 6.10 |
||
canonical ubuntu linux 6.06 |
||
canonical ubuntu linux 7.04 |