CVE-2006-4226 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2006-4226
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-4226

Description: MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/28448 SUSE http://www.novell.com/linux/security/advisories/2006_23_sr.html ST 1016710 SAID Secunia Advisory: SA22080 Secunia Advisory: SA21627 Secunia Advisory: SA21762 Secunia Advisory: SA21506 Secunia Advisory: SA24479 Secunia Advisory: SA24744 REDHAT http://www.redhat.com/support/errata/RHSA-2007-0083.html http://www.redhat.com/support/errata/RHSA-2007-0152.html MLIST http://lists.mysql.com/commits/5927 MISC http://bugs.mysql.com/bug.php?id=17647 MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2006:149 DEBIAN http://www.debian.org/security/2006/dsa-1169 CONFIRM http://docs.info.apple.com/article.html?artnum=305214 http://dev.mysql.com/doc/refman/5.0/en/news-5-0-25.html CERT http://www.us-cert.gov/cas/techalerts/TA07-072A.html BID 19559 APPLE http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html

Return to the previous page.