FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mysql -- renaming of arbitrary tables by authenticated users

Affected packages
4.1 <= mysql-server < 4.1.23
5.0 <= mysql-server < 5.0.42
5.1 <= mysql-server < 5.1.18

Details

VuXML ID bb4e9a44-dff2-11dd-a765-0030843d3802
Discovery 2007-05-14
Entry 2009-01-11

MySQL reports:

The requirement of the DROP privilege for RENAME TABLE was not enforced.

References

Bugtraq ID 24016
CVE Name CVE-2007-2691
URL http://bugs.mysql.com/bug.php?id=27515