CVE-2010-2008
Description
MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# string followed by a . (dot), .. (dot dot), ../ (dot dot slash) or similar sequence, and an UPGRADE DATA DIRECTORY NAME command, which causes MySQL to move certain directories to the server data directory.
Predictions
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ if you've already worked around this in production โ publish your fix to the community-verified tier.
โ Propose a mitigation on Community โ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here withsource_tier=community-verified.
Exploits
Public proof-of-concept code below. AS-IS, for defenders and authorised testing only.
Exploit-DB
Oracle MySQL - 'ALTER DATABASE' Remote Denial of Service
OS impact
Fedora Affected 1 release
| Version | Status | Fixed in |
|---|---|---|
| 13 | Affected | โ |
Ubuntu Affected 7 releases
| Version | Status | Fixed in |
|---|---|---|
| 11.10 | Affected | โ |
| 11.04 | Affected | โ |
| 10.10 | Affected | โ |
| 10.04 | Affected | โ |
| 9.10 | Affected | โ |
| 8.04 | Affected | โ |
| 6.06 | Affected | โ |
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| oracle | mysql | {"endExcluding":"5.1.48"} | 5.1.48 |
References
- http://bugs.mysql.com/bug.php?id=53804
- http://dev.mysql.com/doc/refman/5.1/en/news-5-1-48.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044546.html
- http://secunia.com/advisories/40333
- http://secunia.com/advisories/40762
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:155
- http://www.securityfocus.com/bid/41198
- http://www.securitytracker.com/id?1024160
- http://www.ubuntu.com/usn/USN-1017-1
- http://www.ubuntu.com/usn/USN-1397-1
- http://www.vupen.com/english/advisories/2010/1918
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11869
- http://bugs.mysql.com/bug.php?id=53804
- http://dev.mysql.com/doc/refman/5.1/en/news-5-1-48.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044546.html
- http://secunia.com/advisories/40333
- http://secunia.com/advisories/40762
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:155
- http://www.securityfocus.com/bid/41198
- http://www.securitytracker.com/id?1024160
- http://www.ubuntu.com/usn/USN-1017-1
- http://www.ubuntu.com/usn/USN-1397-1
- http://www.vupen.com/english/advisories/2010/1918
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11869
CWEs
CWE-77
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.