This CVE name corresponds to:
| Entered | Topic |
|---|---|
| 2004-12-16 | mysql -- GRANT access restriction problem |
The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.
| Type | Candidate |
| Name | CVE-2004-0957 |
| Phase | Assigned(20041013) |
Unknown vulnerability in MySQL 3.23.58 and earlier, when a local user has privileges for a database whose name includes a "_" (underscore), grants privileges to other databases that have similar names, which can allow the user to conduct unauthorized activities.
| Source | Reference |
|---|---|
| CONECTIVA | CLA-2005:947 |
| DEBIAN | DSA-707 |
| MANDRAKE | MDKSA-2005:070 |
| REDHAT | RHSA-2004:597 |
| REDHAT | RHSA-2004:611 |
| UBUNTU | USN-32-1 |
| CIAC | P-018 |
| XF | mysql-underscore-gain-priv(17783) |
Copyright © 2005 The MITRE Corporation.
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright
information.