Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
MySQL Improper Link Resolution Before File Access (Link Following) Vulnerability - CVE-2008-7247 - Vulnerability Database
MySQL

MySQL Improper Link Resolution Before File Access (Link Following) Vulnerability - CVE-2008-7247

Medium
Reference: CVE-2008-7247
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2008-7247
Title: MySQL Improper Link Resolution Before File Access (Link Following) Vulnerability
Overview:

sql/sql_table.cc in MySQL 5.0.x through 5.0.88 5.1.x through 5.1.41 and 6.0 before 6.0.9-alpha when the data home directory contains a symlink to a different filesystem allows remote authenticated users to bypass intended access restrictions by calling CREATE TABLE with a (1) DATA DIRECTORY or (2) INDEX DIRECTORY argument referring to a subdirectory that requires following this symlink.