mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-06 02:31:38 +00:00
1.3 KiB
1.3 KiB
CVE-2008-4098
Description
MySQL before 5.0.67 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL home data directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4097.
POC
Reference
Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/DButter/whitehat_public
- https://github.com/Dokukin1/Metasploitable
- https://github.com/Iknowmyname/Nmap-Scans-M2
- https://github.com/NikulinMS/13-01-hw
- https://github.com/Zhivarev/13-01-hw
- https://github.com/smabramov/Vulnerabilities-and-attacks-on-information-systems
- https://github.com/tomwillfixit/alpine-cvecheck
- https://github.com/zzzWTF/db-13-01