oss-sec mailing list archives
CVE assignment and second opinion needed
From: Josh Bressers <bressers () redhat com>
Date: Wed, 11 Nov 2009 12:48:44 -0500 (EST)
Hi Steve, So this one is a bit tricky. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=555626 There are almost two flaws here, certainly one. The issue really boils down to if /var/lib/mysql is world readable, it's possible for a local user who also has database access, and can guess a future database table name, could ensure that table will be a world writable file. That's an impressive runon sentence. So The question I have with respect to CVE assignment, is which part of this is worth of the ID. I'm thinking the directory permissions are possibly an issue, but by itself, isn't really a security flaw. The CREATE TABLE not fixing permissions if the file already exists is probably closer to the real problem. Being able to do a select into an outfile anywhere by default may also be an issue. I'm CCing Sergei Golubchik from MySQL who reported this to the packagers list so he can weigh in if I'm wrong (which is very possible). Also, Sergei, do you folks have a fix for this yet? I'm curious to see what you're fixing, which may help decide CVE assignment. Thanks. -- JB
Current thread:
- CVE assignment and second opinion needed Josh Bressers (Nov 11)
- Re: CVE assignment and second opinion needed Sergei Golubchik (Nov 11)