CVE-2004-0835
MySQL <3.23.59, <4.0.19, <4.1.2, <5.0.1 - Privilege Escalation
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2004-0835. PoCs published by Oleksandr Byelkin.
AI-analyzed exploit summary This exploit demonstrates a local privilege escalation vulnerability in MySQL by exploiting an error in 'ALTER TABLE ... RENAME' operations, allowing an attacker to bypass security restrictions and gain unauthorized access to sensitive data.
Description
MySQL 3.x before 3.23.59, 4.x before 4.0.19, 4.1.x before 4.1.2, and 5.x before 5.0.1, checks the CREATE/INSERT rights of the original table instead of the target table in an ALTER TABLE RENAME operation, which could allow attackers to conduct unauthorized activities.
Exploits (1)
This exploit demonstrates a local privilege escalation vulnerability in MySQL by exploiting an error in 'ALTER TABLE ... RENAME' operations, allowing an attacker to bypass security restrictions and gain unauthorized access to sensitive data.