gsd-2012-5613
Vulnerability from gsd
Modified
2023-12-13 01:20
Details
** DISPUTED ** MySQL 5.5.19 and possibly other versions, and MariaDB 5.5.28a and possibly other versions, when configured to assign the FILE privilege to users who should not have administrative privileges, allows remote authenticated users to gain privileges by leveraging the FILE privilege to create files as the MySQL administrator. NOTE: the vendor disputes this issue, stating that this is only a vulnerability when the administrator does not follow recommendations in the product's installation documentation. NOTE: it could be argued that this should not be included in CVE because it is a configuration issue.
Aliases
Aliases
CVE-2012-5613


To clipboard 

{
  "GSD": {
    "alias": "CVE-2012-5613",
    "description": "** DISPUTED **  MySQL 5.5.19 and possibly other versions, and MariaDB 5.5.28a and possibly other versions, when configured to assign the FILE privilege to users who should not have administrative privileges, allows remote authenticated users to gain privileges by leveraging the FILE privilege to create files as the MySQL administrator.  NOTE: the vendor disputes this issue, stating that this is only a vulnerability when the administrator does not follow recommendations in the product\u0027s installation documentation.  NOTE: it could be argued that this should not be included in CVE because it is a configuration issue.",
    "id": "GSD-2012-5613",
    "references": [
      "https://www.suse.com/security/cve/CVE-2012-5613.html",
      "https://packetstormsecurity.com/files/cve/CVE-2012-5613"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2012-5613"
      ],
      "details": "** DISPUTED ** MySQL 5.5.19 and possibly other versions, and MariaDB 5.5.28a and possibly other versions, when configured to assign the FILE privilege to users who should not have administrative privileges, allows remote authenticated users to gain privileges by leveraging the FILE privilege to create files as the MySQL administrator. NOTE: the vendor disputes this issue, stating that this is only a vulnerability when the administrator does not follow recommendations in the product\u0027s installation documentation. NOTE: it could be argued that this should not be included in CVE because it is a configuration issue.",
      "id": "GSD-2012-5613",
      "modified": "2023-12-13T01:20:19.011847Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2012-5613",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "** DISPUTED ** MySQL 5.5.19 and possibly other versions, and MariaDB 5.5.28a and possibly other versions, when configured to assign the FILE privilege to users who should not have administrative privileges, allows remote authenticated users to gain privileges by leveraging the FILE privilege to create files as the MySQL administrator. NOTE: the vendor disputes this issue, stating that this is only a vulnerability when the administrator does not follow recommendations in the product\u0027s installation documentation. NOTE: it could be argued that this should not be included in CVE because it is a configuration issue."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "53372",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/53372"
          },
          {
            "name": "[oss-security] 20121202 Re: Re: [Full-disclosure] MySQL (Linux) Stack based  buffer overrun PoC Zeroday",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2012/12/02/3"
          },
          {
            "name": "GLSA-201308-06",
            "refsource": "GENTOO",
            "url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
          },
          {
            "name": "[oss-security] 20121202 Re: Re: [Full-disclosure] MySQL (Linux) Stack based  buffer overrun PoC Zeroday",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2012/12/02/4"
          },
          {
            "name": "SUSE-SU-2013:0262",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00000.html"
          },
          {
            "name": "20121201 MySQL (Linux) Database Privilege Elevation\tZeroday Exploit",
            "refsource": "FULLDISC",
            "url": "http://seclists.org/fulldisclosure/2012/Dec/6"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:mariadb:mariadb:5.5.28a:*:*:*:*:*:*:*",
                    "matchCriteriaId": "46E32ACD-E034-4FD6-A54A-43AFDA1AA196",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:oracle:mysql:5.5.19:*:*:*:*:*:*:*",
                    "matchCriteriaId": "77E105E9-FE65-4B75-9818-D3897294E941",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              },
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:linux:linux:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "0CB340E1-C27D-4D36-A3B3-ABAB84667A53",
                    "vulnerable": false
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ],
            "operator": "AND"
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "MySQL 5.5.19 and possibly other versions, and MariaDB 5.5.28a and possibly other versions, when configured to assign the FILE privilege to users who should not have administrative privileges, allows remote authenticated users to gain privileges by leveraging the FILE privilege to create files as the MySQL administrator. NOTE: the vendor disputes this issue, stating that this is only a vulnerability when the administrator does not follow recommendations in the product\u0027s installation documentation. NOTE: it could be argued that this should not be included in CVE because it is a configuration issue."
          },
          {
            "lang": "es",
            "value": "** En disputa ** MySQL v5.5.19 y posiblemente otras versiones, y MariaDB v5.5.28a y posiblemente otros, cuando se configura para asignar el permiso FILE para los usuarios que no deben tener privilegios administrativos, permite a usuarios remotos autenticados obtener privilegios aprovech\u00e1ndose del privilegio FILE para crear los archivos como el administrador de MySQL. NOTA: el vendedor se opone a esta cuesti\u00f3n, afirmando que esto es s\u00f3lo una vulnerabilidad cuando el administrador no sigue las recomendaciones en la documentaci\u00f3n de instalaci\u00f3n del producto. NOTA: Se podr\u00eda argumentar que esto no deber\u00eda ser incluido en CVE porque es un problema de configuraci\u00f3n.\r\n"
          }
        ],
        "evaluatorComment": "Per http://www.openwall.com/lists/oss-security/2012/12/02/3, this vulnerability is for linux-based software installations.\r\n\r\n",
        "id": "CVE-2012-5613",
        "lastModified": "2024-04-11T00:49:29.843",
        "metrics": {
          "cvssMetricV2": [
            {
              "acInsufInfo": false,
              "baseSeverity": "MEDIUM",
              "cvssData": {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.0,
                "confidentialityImpact": "PARTIAL",
                "integrityImpact": "PARTIAL",
                "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              "exploitabilityScore": 6.8,
              "impactScore": 6.4,
              "obtainAllPrivilege": false,
              "obtainOtherPrivilege": false,
              "obtainUserPrivilege": true,
              "source": "nvd@nist.gov",
              "type": "Primary",
              "userInteractionRequired": false
            }
          ]
        },
        "published": "2012-12-03T12:49:43.643",
        "references": [
          {
            "source": "secalert@redhat.com",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00000.html"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Exploit"
            ],
            "url": "http://seclists.org/fulldisclosure/2012/Dec/6"
          },
          {
            "source": "secalert@redhat.com",
            "url": "http://secunia.com/advisories/53372"
          },
          {
            "source": "secalert@redhat.com",
            "url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
          },
          {
            "source": "secalert@redhat.com",
            "url": "http://www.openwall.com/lists/oss-security/2012/12/02/3"
          },
          {
            "source": "secalert@redhat.com",
            "url": "http://www.openwall.com/lists/oss-security/2012/12/02/4"
          }
        ],
        "sourceIdentifier": "secalert@redhat.com",
        "vulnStatus": "Modified",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-16"
              }
            ],
            "source": "nvd@nist.gov",
            "type": "Primary"
          }
        ]
      }
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.