|Bugzilla:||202246: CVE-2006-4031 MySQL improper permission revocation|
The MITRE CVE dictionary describes this issue as:
MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user's privileges are revoked for the original table, which might violate intended security policy.
This issue was corrected in all affected mysql packages versions as shipped in Red Hat Enterprise Linux or Red Hat Application Stack via:
This issue did not affect mysql packages as shipped with Red Hat Enterprise Linux 2.1 or 3
Red Hat security errata
|Red Hat Application Stack v1 for Enterprise Linux AS (v.4) (mysql)||RHSA-2007:0083||February 19, 2007|
|Red Hat Enterprise Linux version 4 (mysql)||RHSA-2008:0768||July 24, 2008|
|Red Hat Enterprise Linux version 5 (mysql)||RHSA-2008:0364||May 20, 2008|
This page is generated automatically and has not been checked for errors or omissions.
For clarification or corrections please contact the Red Hat Security Response Team.