Devin Carraway

**Name of the Vulnerable Software and Affected Versions** MySQL version 5.0.51a **Description** The issue allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified DATA DIRECTORY or INDEX DIRECTORY arguments associated with symlinks within pathnames for subdirectories of the MySQL home data directory. These symlinks are followed when tables are created in the future. **Recommendations** For MySQL version 5.0.51a, consider restricting the use of CREATE TABLE statements with modified DATA DIRECTORY or INDEX DIRECTORY arguments to minimize the risk of exploitation. Additionally, avoid using symlinks within pathnames for subdirectories of the MySQL home data directory until a fix is available. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** MySQL versions prior to 5.0.67 **Description** The issue allows local users to bypass certain privilege checks by exploiting the CREATE TABLE functionality on MyISAM tables. This is achieved by modifying the DATA DIRECTORY or INDEX DIRECTORY arguments to point to tables that can be created at a future time, potentially allowing access to subdirectories of the MySQL home data directory through symlinks. **Recommendations** For MySQL versions prior to 5.0.67, update to version 5.0.67 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Synaesthesia versions 2.1 and earlier **Description** The issue allows local users to read arbitrary files due to the software not dropping privileges before processing configuration and mixer files when installed setuid root. **Recommendations** For Synaesthesia versions 2.1 and earlier, consider dropping privileges before processing configuration and mixer files to prevent unauthorized access. As a temporary workaround, restrict the use of setuid root installation until a proper fix is applied.