CVE-2006-4226
CVE-2006-4226
MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://bugs.mysql.com/bug.php?id=17647http://dev.mysql.com/doc/refman/5.0/en/news-5-0-25.htmlhttp://docs.info.apple.com/article.html?artnum=305214http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.htmlhttp://lists.mysql.com/commits/5927http://secunia.com/advisories/21506http://secunia.com/advisories/21627http://secunia.com/advisories/21762http://secunia.com/advisories/22080http://secunia.com/advisories/24479http://secunia.com/advisories/24744http://securitytracker.com/id?1016710