CVE-2004-0835

MySQL <3.23.59, <4.0.19, <4.1.2, <5.0.1 - Privilege Escalation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-0835. PoCs published by Oleksandr Byelkin.

AI-analyzed exploit summary This exploit demonstrates a local privilege escalation vulnerability in MySQL by exploiting an error in 'ALTER TABLE ... RENAME' operations, allowing an attacker to bypass security restrictions and gain unauthorized access to sensitive data.

Description

MySQL 3.x before 3.23.59, 4.x before 4.0.19, 4.1.x before 4.1.2, and 5.x before 5.0.1, checks the CREATE/INSERT rights of the original table instead of the target table in an ALTER TABLE RENAME operation, which could allow attackers to conduct unauthorized activities.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Oleksandr Byelkin · textremotelinux
https://www.exploit-db.com/exploits/24669

This exploit demonstrates a local privilege escalation vulnerability in MySQL by exploiting an error in 'ALTER TABLE ... RENAME' operations, allowing an attacker to bypass security restrictions and gain unauthorized access to sensitive data.

Classification
Working Poc 80%
Attack Type
Auth Bypass
Complexity
Moderate
Reliability
Reliable
Target: MySQL (version not specified)
Auth required
Prerequisites: Local access to MySQL server · Valid credentials with sufficient privileges to execute ALTER TABLE commands
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (16)

Core 16
Core References
Exploit, Vendor Advisory x_refsource_misc
http://bugs.mysql.com/bug.php?id=3270
Vendor Advisory x_refsource_confirm
http://www.mysql.org/doc/refman/4.1/en/news-4-1-2.html
Patch, Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2004-611.html
Patch, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/12783/
Patch, Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2004/dsa-562
Broken Link vendor-advisory x_refsource_sunalert
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101864-1
Exploit, Patch, Third Party Advisory, VDB Entry, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/11357
Broken Link vendor-advisory x_refsource_conectiva
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000892
Vendor Advisory x_refsource_confirm
http://www.mysql.org/doc/refman/4.1/en/news-4-0-19.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/17666
Patch, Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2004-597.html
Broken Link third-party-advisory government-resource x_refsource_ciac
http://www.ciac.org/ciac/bulletins/p-018.shtml
Patch, Vendor Advisory vendor-advisory x_refsource_gentoo
http://www.gentoo.org/security/en/glsa/glsa-200410-22.xml
Vendor Advisory vendor-advisory x_refsource_trustix
http://www.trustix.org/errata/2004/0054/
Vendor Advisory x_refsource_misc
http://lists.mysql.com/internals/13073
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1011606

Scores

EPSS 0.2235
EPSS Percentile 97.4%

Details

Status published
Products (3)
debian/debian_linux 3.0
mysql/mysql 4.1.0 - 4.1.2
oracle/mysql 3.20 - 3.23.59
Published Nov 03, 2004
Tracked Since Feb 18, 2026