Bug 238117 (CVE-2008-4097) - dev-db/mysql <5.0.70 DATA / INDEX DIRECTORY symlink attack (CVE-2008-{4097,4098})
Status: RESOLVED FIXED
Alias: CVE-2008-4097
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: High minor
Assignee: Gentoo Security
URL: http://www.openwall.com/lists/oss-sec...
Whiteboard: B3 [glsa]
Depends on: 246652
Reported: 2008-09-19 15:15 UTC by Robert Buchholz (RETIRED)
Modified: 2012-01-05 22:46 UTC
Description Robert Buchholz (RETIRED) gentoo-dev 2008-09-19 15:15:29 UTC
CVE-2008-4097 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4097):
  MySQL 5.0.51a allows local users to bypass certain privilege checks
  by calling CREATE TABLE on a MyISAM table with modified (1) DATA
  DIRECTORY or (2) INDEX DIRECTORY arguments that are associated with
  symlinks within pathnames for subdirectories of the MySQL home data
  directory, which are followed when tables are created in the future.
  NOTE: this vulnerability exists because of an incomplete fix for
  CVE-2008-2079.

CVE-2008-4098 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4098):
  MySQL before 5.0.67 allows local users to bypass certain privilege
  checks by calling CREATE TABLE on a MyISAM table with modified (1)
  DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally
  associated with pathnames without symlinks, and that can point to
  tables created at a future time at which a pathname is modified to
  contain a symlink to a subdirectory of the MySQL home data directory.
  NOTE: this vulnerability exists because of an incomplete fix for
  CVE-2008-4097.
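
An added example, not part of the bug report and not MySQL's actual fix: it contrasts a string-only containment check with one made after symlink resolution, and shows why a path that passed at one point has to be re-checked when it is used, which is the gap the two CVE entries above describe. The directory names and helper functions are constructed for illustration.

```python
import os
import tempfile

def lexically_inside(path, datadir):
    """String-only test: collapses '..' but never consults the filesystem."""
    p, d = os.path.abspath(path), os.path.abspath(datadir)
    return os.path.commonpath([p, d]) == d

def resolved_inside(path, datadir):
    """Same test after resolving every symlink in both paths."""
    p, d = os.path.realpath(path), os.path.realpath(datadir)
    return os.path.commonpath([p, d]) == d

def symlinked_components(path):
    """List each prefix of an absolute path that is itself a symlink."""
    found, cur = [], os.sep
    for part in os.path.abspath(path).strip(os.sep).split(os.sep):
        cur = os.path.join(cur, part)
        if os.path.islink(cur):
            found.append(cur)
    return found

def demo():
    """Run both checks over a constructed layout in a temp directory."""
    with tempfile.TemporaryDirectory() as tmp:
        root = os.path.realpath(tmp)
        datadir = os.path.join(root, "var", "lib", "mysql")   # constructed
        other_db = os.path.join(datadir, "otherdb")           # constructed
        outside = os.path.join(root, "srv", "tables")         # constructed
        os.makedirs(other_db)
        os.makedirs(outside)
        results = {"before": (lexically_inside(outside, datadir),
                              resolved_inside(outside, datadir),
                              symlinked_components(outside))}
        # The same pathname later becomes a symlink into the data directory.
        os.rmdir(outside)
        os.symlink(other_db, outside)
        results["after"] = (lexically_inside(outside, datadir),
                            resolved_inside(outside, datadir),
                            symlinked_components(outside) == [outside])
        return results

if __name__ == "__main__":
    print(demo())
```

The string-only check reports the directory as outside the data directory both times; only the resolved check, repeated after the pathname changed, reports that it now lands inside.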
Comment 1 Stefan Behte (RETIRED) gentoo-dev Security 2008-11-09 20:06:49 UTC
mysql: *ping*
Comment 2 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2008-11-10 00:00:58 UTC
You'll get it, I'm just having issues with getting all the required patches integrated for mysql-5.0.70.
Comment 3 Stefan Behte (RETIRED) gentoo-dev Security 2008-11-10 10:41:50 UTC
Thanks, I just wanted information :)
Comment 4 Robert Buchholz (RETIRED) gentoo-dev 2008-11-26 16:05:46 UTC
All security relevant arches stable due to bug 246652.

I vote YES.
Comment 5 Tobias Heinlein (RETIRED) gentoo-dev 2008-11-30 18:31:10 UTC
YES for sure, request already filed for another bug.
Comment 6 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2009-02-28 11:09:08 UTC
security: what's the status on this?
Comment 7 GLSAMaker/CVETool Bot gentoo-dev 2012-01-05 22:46:30 UTC
This issue was resolved and addressed in
 GLSA 201201-02 at http://security.gentoo.org/glsa/glsa-201201-02.xml
by GLSA coordinator Tim Sammut (underling).