Your submission was sent successfully! Close

USN-109-1: MySQL vulnerability

6 April 2005

MySQL vulnerability



USN-32-1 fixed a database privilege escalation vulnerability; original
advisory text:

"If a user was granted privileges to a database with a name
containing an underscore ("_"), the user also gained the ability to
grant privileges to other databases with similar names.

Recently a corner case was discovered where this vulnerability can
still be exploited, so another update is necessary.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 4.10
  • mysql-server -

In general, a standard system update will make all the necessary changes.


Related notices