DescriptionMySQL 3.x before 3.23.59, 4.x before 4.0.19, 4.1.x before 4.1.2, and 5.x before 5.0.1, checks the CREATE/INSERT rights of the original table instead of the target table in an ALTER TABLE RENAME operation, which could allow attackers to conduct unauthorized activities.
Overall state of this security issue: Resolved
This issue is currently rated as having important severity.
|National Vulnerability Database|
- SUSE-SR:2004:001, published Wednesday, Nov 24th 2004 12:00 MEST