oval:org.mitre.oval:def:23174

Definition Id: oval:org.mitre.oval:def:23174

Oval ID:	oval:org.mitre.oval:def:23174
Title:	ELSA-2013:0121: mysql security and bug fix update (Low)
Description:	MySQL 5.0.88, and possibly other versions and platforms, allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of a CVE-2009-4030 regression, which was not omitted in other packages and versions such as MySQL 5.0.95 in Red Hat Enterprise Linux 6.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0121-00 CVE-2012-4452	Version:	6
Platform(s):	Oracle Linux 5	Product(s):	mysql
Definition Synopsis:
Oracle Linux 5.x rpm test mysql-server is earlier than 0:5.0.95-3.el5 AND mysql-bench is earlier than 0:5.0.95-3.el5 AND mysql is earlier than 0:5.0.95-3.el5 AND mysql-devel is earlier than 0:5.0.95-3.el5 AND mysql-test is earlier than 0:5.0.95-3.el5

Definition Id: oval:org.mitre.oval:def:15459

Oval ID:	oval:org.mitre.oval:def:15459
Title:	Oracle Linux 5.x
Description:	The operating system installed on the system is Oracle Linux 5.x
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:oracle:linux:5	Version:	7
Platform(s):	Oracle Linux 5	Product(s):
Definition Synopsis:
the installed operating system is part of the Unix family AND Oracle Linux 5.x is installed
Referenced By:
oval:org.mitre.oval:def:23174