Vigil@nce - MySQL: access bypass via symlink
October 2012 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
A local attacker can use a symbolic link, in order to bypass
access restrictions of a MySQL table.
Impacted products: MySQL Community, MySQL Enterprise
Severity: 2/4
Creation date: 27/09/2012
DESCRIPTION OF THE VULNERABILITY
The bulletin VIGILANCE-VUL-9253 (https://vigilance.fr/tree/1/9253)
describes a vulnerability allowing a local attacker to use a
symbolic link, in order to bypass access restrictions of a MySQL
table (CVE-2009-4030).
This vulnerability was announced as corrected in version 5.0.88
(VIGILANCE-SOL-19198 (https://vigilance.fr/tree/2/19198)).
However, this vulnerability was not corrected in this branch.
An attacker, who can create a symbolic link in basedir or datadir
directories, can therefore still bypass access restrictions of a
table.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/MySQL-access-bypass-via-symlink-11988