CVE-2003-0150 in MySQLinfo

Summary

MySQL 3.23.55 and earlier creates world-writeable files and allows mysql users to gain root privileges by using the "SELECT * INFO OUTFILE" operator to overwrite a configuration file and cause mysql to run as root upon restart, as demonstrated by modifying my.cnf.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Reservation

03/18/2003

Disclosure

03/24/2003

Moderation

VulDB entry created

Entries

VDB-20222 (1)

CPE

ready

CWE

CWE-269 (Confirmed)

Exploit

Download

CVSS

8.8

EPSS

0.12813

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2003-0150
NVD	https://nvd.nist.gov/vuln/detail/CVE-2003-0150
CVE Details	https://www.cvedetails.com/cve/CVE-2003-0150/

◂ Previous Overview Next ▸