Name | CVE-2006-4031 |
Description | MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user's privileges are revoked for the original table, which might violate intended security policy. |
Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
Debian Bugs | 380271, 382415 |
The information below is based on the following data on fixed versions.
Notes
[sarge] - mysql-dfsg-4.1 <no-dsa> (Now documented design error, no real fix feasible)
[sarge] - mysql-dfsg <no-dsa> (Now documented design error, no real fix feasible)