• Product Information
• Security Products Overview
• Juniper Networks ISG Series
• IDP Demo
• Product Poster & Z-Card 

Title: MySQL 'sql/sql_table.cc' CREATE TABLE Security Bypass Vulnerability

Severity: MODERATE

Description:

MySQL is an open-source SQL database application available for multiple operating platforms.

MySQL is prone to a security-bypass vulnerability because it allows attackers to bypass certain checks when creating a table with certain 'DATA DIRECTORY' and 'INDEX DIRECTORY' options that are within the MySQL home data directory. This issue occurs when the home data directory contains a symbolic link to a different filesystem.

Successful exploits will allow attackers to bypass certain security restrictions.

The following are vulnerable:

MySQL 5.0.x through 5.0.88
MySQL 5.1.x through 5.1.41
MySQL 6.0 (prior to 6.0.9-alpha)

Affected Products:

• Apple Mac OS X Server 10.6
• Apple Mac OS X Server 10.6.1
• Apple Mac OS X Server 10.6.2
• Mandriva Linux Mandrake 2009.1
• Mandriva Linux Mandrake 2009.1 x86_64
• Mandriva Linux Mandrake 2010.0
• Mandriva Linux Mandrake 2010.0 x86_64
• MySQL AB MySQL 5.0
• MySQL AB MySQL 5.0.0 .0-0
• MySQL AB MySQL 5.0.0 .0-alpha
• MySQL AB MySQL 5.0.1
• MySQL AB MySQL 5.0.18
• MySQL AB MySQL 5.0.19
• MySQL AB MySQL 5.0.2
• MySQL AB MySQL 5.0.20
• MySQL AB MySQL 5.0.21
• MySQL AB MySQL 5.0.22
• MySQL AB MySQL 5.0.22 -1-0.1
• MySQL AB MySQL 5.0.24
• MySQL AB MySQL 5.0.26
• MySQL AB MySQL 5.0.27
• MySQL AB MySQL 5.0.3
• MySQL AB MySQL 5.0.32
• MySQL AB MySQL 5.0.33
• MySQL AB MySQL 5.0.36
• MySQL AB MySQL 5.0.37
• MySQL AB MySQL 5.0.38
• MySQL AB MySQL 5.0.39
• MySQL AB MySQL 5.0.4
• MySQL AB MySQL 5.0.40
• MySQL AB MySQL 5.0.42
• MySQL AB MySQL 5.0.44
• MySQL AB MySQL 5.0.45
• MySQL AB MySQL 5.0.46
• MySQL AB MySQL 5.0.47
• MySQL AB MySQL 5.0.48
• MySQL AB MySQL 5.0.49
• MySQL AB MySQL 5.0.50
• MySQL AB MySQL 5.0.51
• MySQL AB MySQL 5.0.51a
• MySQL AB MySQL 5.0.52
• MySQL AB MySQL 5.0.60
• MySQL AB MySQL 5.0.66
• MySQL AB MySQL 5.0.75
• MySQL AB MySQL 5.0.88
• MySQL AB MySQL 5.1.10
• MySQL AB MySQL 5.1.11
• MySQL AB MySQL 5.1.12
• MySQL AB MySQL 5.1.13
• MySQL AB MySQL 5.1.14
• MySQL AB MySQL 5.1.15
• MySQL AB MySQL 5.1.16
• MySQL AB MySQL 5.1.17
• MySQL AB MySQL 5.1.18
• MySQL AB MySQL 5.1.22
• MySQL AB MySQL 5.1.23
• MySQL AB MySQL 5.1.26
• MySQL AB MySQL 5.1.30
• MySQL AB MySQL 5.1.31
• MySQL AB MySQL 5.1.32
• MySQL AB MySQL 5.1.33
• MySQL AB MySQL 5.1.34
• MySQL AB MySQL 5.1.35
• MySQL AB MySQL 5.1.36
• MySQL AB MySQL 5.1.37
• MySQL AB MySQL 5.1.38
• MySQL AB MySQL 5.1.39
• MySQL AB MySQL 5.1.41
• MySQL AB MySQL 5.1.5
• MySQL AB MySQL 5.1.6
• MySQL AB MySQL 5.1.9
• MySQL AB MySQL 6.0.0
• MySQL AB MySQL 6.0.1
• MySQL AB MySQL 6.0.2
• MySQL AB MySQL 6.0.3
• MySQL AB MySQL 6.0.4
• MySQL AB MySQL 6.0.6
• MySQL AB MySQL 6.0.7
• MySQL AB MySQL 6.0.8
• Pardus Linux 2009
• Red Hat Fedora 11
• Red Hat Fedora 12
• SuSE SUSE Linux Enterprise 10 SP2
• SuSE SUSE Linux Enterprise 10 SP3
• Ubuntu Ubuntu Linux 6.06 LTS amd64
• Ubuntu Ubuntu Linux 6.06 LTS i386
• Ubuntu Ubuntu Linux 6.06 LTS powerpc
• Ubuntu Ubuntu Linux 6.06 LTS sparc
• Ubuntu Ubuntu Linux 8.04 LTS amd64
• Ubuntu Ubuntu Linux 8.04 LTS i386
• Ubuntu Ubuntu Linux 8.04 LTS lpia
• Ubuntu Ubuntu Linux 8.04 LTS powerpc
• Ubuntu Ubuntu Linux 8.04 LTS sparc
• Ubuntu Ubuntu Linux 8.10 amd64
• Ubuntu Ubuntu Linux 8.10 i386
• Ubuntu Ubuntu Linux 8.10 lpia
• Ubuntu Ubuntu Linux 8.10 powerpc
• Ubuntu Ubuntu Linux 8.10 sparc
• Ubuntu Ubuntu Linux 9.04 amd64
• Ubuntu Ubuntu Linux 9.04 i386
• Ubuntu Ubuntu Linux 9.04 lpia
• Ubuntu Ubuntu Linux 9.04 powerpc
• Ubuntu Ubuntu Linux 9.04 sparc
• Ubuntu Ubuntu Linux 9.10 amd64
• Ubuntu Ubuntu Linux 9.10 i386
• Ubuntu Ubuntu Linux 9.10 lpia
• Ubuntu Ubuntu Linux 9.10 powerpc
• Ubuntu Ubuntu Linux 9.10 sparc

References:

• CVE: CVE-2008-7247
• Ingo Strüwing: Bug #39277 Creation of table with data and/or index files in data home directory
• Jan Lieskovsky: Bug 543619 - (CVE-2008-7247) CVE-2008-7247 MySQL: Intended access restrictions
• MySQL AB: MySQL Homepage
• Ubuntu: Ubuntu Security Notice USN-897-1

Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.