| Name | CVE-2004-0957 |
| Description | Unknown vulnerability in MySQL 3.23.58 and earlier, when a local user has privileges for a database whose name includes a "_" (underscore), grants privileges to other databases that have similar names, which can allow the user to conduct unauthorized activities. |
| Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
| References | DSA-707-1 |
The information below is based on the following data on fixed versions.
| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| mysql | source | woody | 3.23.49-8.11 | DSA-707-1 | ||
| mysql-dfsg | source | (unstable) | 4.0.24-5 | |||
| mysql-dfsg-4.1 | source | (unstable) | 4.1.10a-6 |