oval:org.mitre.oval:def:22758

Definition Id: oval:org.mitre.oval:def:22758

Oval ID:	oval:org.mitre.oval:def:22758
Title:	ELSA-2010:0109: mysql security update (Moderate)
Description:	MySQL 5.1.x before 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079.
Family:	unix	Class:	patch
Reference(s):	ELSA-2010:0109-01 CVE-2009-4019 CVE-2009-4028 CVE-2009-4030	Version:	17
Platform(s):	Oracle Linux 5	Product(s):	mysql
Definition Synopsis:
Oracle Linux 5.x rpm test mysql-test is earlier than 0:5.0.77-4.el5_4.2 AND mysql is earlier than 0:5.0.77-4.el5_4.2 AND mysql-server is earlier than 0:5.0.77-4.el5_4.2 AND mysql-bench is earlier than 0:5.0.77-4.el5_4.2 AND mysql-devel is earlier than 0:5.0.77-4.el5_4.2

Definition Id: oval:org.mitre.oval:def:15459

Oval ID:	oval:org.mitre.oval:def:15459
Title:	Oracle Linux 5.x
Description:	The operating system installed on the system is Oracle Linux 5.x
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:oracle:linux:5	Version:	7
Platform(s):	Oracle Linux 5	Product(s):
Definition Synopsis:
the installed operating system is part of the Unix family AND Oracle Linux 5.x is installed
Referenced By:
oval:org.mitre.oval:def:22758