Exploitation Summary
EIP tracks 1 public exploit for CVE-2001-0407. PoCs published by lesha.
AI-analyzed exploit summary This exploit leverages a symbolic link attack in MySQL to overwrite system files like /etc/passwd and /etc/shadow, allowing local privilege escalation. It requires MySQL running as root and a user with 'create table' privileges.
Description
Directory traversal vulnerability in MySQL before 3.23.36 allows local users to modify arbitrary files and gain privileges by creating a database whose name starts with .. (dot dot).
Exploits (1)
This exploit leverages a symbolic link attack in MySQL to overwrite system files like /etc/passwd and /etc/shadow, allowing local privilege escalation. It requires MySQL running as root and a user with 'create table' privileges.