CVE-2006-4031 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2006-4031
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-4031

Description: MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user's privileges are revoked for the original table, which might violate intended security policy.

CVE Status: Candidate

References: UBUNTU http://www.ubuntu.com/usn/usn-338-1 SUSE http://www.novell.com/linux/security/advisories/2006_23_sr.html ST 1016617 SAID Secunia Advisory: SA21627 Secunia Advisory: SA21770 Secunia Advisory: SA21685 Secunia Advisory: SA21382 Secunia Advisory: SA21259 Secunia Advisory: SA22080 Secunia Advisory: SA24479 Secunia Advisory: SA31226 REDHAT http://www.redhat.com/support/errata/RHSA-2007-0083.html http://www.redhat.com/support/errata/RHSA-2008-0768.html MISC http://bugs.mysql.com/bug.php?id=15195 MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2006:149 CONFIRM http://docs.info.apple.com/article.html?artnum=305214 http://dev.mysql.com/doc/refman/4.1/en/news-4-1-21.html http://dev.mysql.com/doc/refman/5.0/en/news-5-0-24.html CERT http://www.us-cert.gov/cas/techalerts/TA07-072A.html BID 19279 APPLE http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html

Return to the previous page.