Vulnerabilities > CVE-2001-0407 - Symbolic Link File Overwriting vulnerability in MySQL Root Operation
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Directory traversal vulnerability in MySQL before 3.23.36 allows local users to modify arbitrary files and gain privileges by creating a database whose name starts with .. (dot dot).
Vulnerable Configurations
Exploit-Db
description | MySQL 3.20.32 a/3.23.34 Root Operation Symbolic Link File Overwriting Vulnerability. CVE-2001-0407 . Local exploit for unix platform |
id | EDB-ID:20718 |
last seen | 2016-02-02 |
modified | 2001-03-18 |
published | 2001-03-18 |
reporter | lesha |
source | https://www.exploit-db.com/download/20718/ |
title | MySQL 3.20.32 a/3.23.34 Root Operation Symbolic Link File Overwriting Vulnerability |
Nessus
NASL family | Databases |
NASL id | MYSQL_FLAWS.NASL |
description | The installed version of MySQL is older than version 3.23.36. Such versions are potentially affected by multiple vulnerabilities : - It is possible to modify arbitrary files and gain privileges by creating a database with |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 10626 |
published | 2001-03-08 |
reporter | This script is Copyright (C) 2001-2018 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/10626 |
title | MySQL < 3.23.36 Multiple Vulnerabilities |