PublicDate: 2005-02-09 05:00:00 UTC
Candidate: CVE-2004-0957
References:
 https://ubuntu.com/security/notices/USN-109-1
 https://ubuntu.com/security/notices/USN-32-1
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0957
Description:
 Unknown vulnerability in MySQL 3.23.58 and earlier, when a local user has
 privileges for a database whose name includes a "_" (underscore), grants
 privileges to other databases that have similar names, which can allow the
 user to conduct unauthorized activities.
Ubuntu-Description:
Notes:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:

Bugs:
dapper_mysql-dfsg-4.1: released (4.1.15-1ubuntu5)
edgy_mysql-dfsg-4.1: released (4.1.15-1ubuntu5)
feisty_mysql-dfsg-4.1: DNE
devel_mysql-dfsg-4.1: DNE
dapper_mysql-dfsg: released (4.0.24-10ubuntu2)
edgy_mysql-dfsg: released (4.0.24-10ubuntu2)
feisty_mysql-dfsg: DNE
devel_mysql-dfsg: DNE
dapper_mysql-dfsg-5.0: released (5.0.22-0ubuntu6.06.3)
edgy_mysql-dfsg-5.0: released (5.0.24a-9ubuntu0.1)
feisty_mysql-dfsg-5.0: released (5.0.38-0ubuntu1)
devel_mysql-dfsg-5.0: released (5.0.38-0ubuntu1)
upstream_mysql-dfsg: needs-triage
upstream_mysql-dfsg-4.1: needs-triage
upstream_mysql-dfsg-5.0: needs-triage