PublicDate: 2008-05-05 16:20:00 UTC
Candidate: CVE-2008-2079
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2079
 https://ubuntu.com/security/notices/USN-671-1
Description:
 MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and
 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by
 calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or
 (2) INDEX DIRECTORY arguments that are within the MySQL home data
 directory, which can point to tables that are created in the future.
Ubuntu-Description:
Notes:
Bugs:
 https://bugs.launchpad.net/bugs/254129
Priority: low
Discovered-by:
Assigned-to: mdeslaur
CVSS: 

Patches_mysql-dfsg-5.0:
upstream_mysql-dfsg-5.0: released (5.0.60)
dapper_mysql-dfsg-5.0: released (5.0.22-0ubuntu6.06.11)
feisty_mysql-dfsg-5.0: needed (reached end-of-life)
gutsy_mysql-dfsg-5.0: released (5.0.45-1ubuntu3.4)
hardy_mysql-dfsg-5.0: released (5.0.51a-3ubuntu5.4)
intrepid_mysql-dfsg-5.0: not-affected (5.0.67-0ubuntu5)
devel_mysql-dfsg-5.0: not-affected (5.0.67-0ubuntu5)