CVE-2008-4098

Name of the Vulnerable Software and Affected Versions MySQL versions prior to 5.0.67

Description The issue allows local users to bypass certain privilege checks by exploiting the CREATE TABLE functionality on MyISAM tables. This is achieved by modifying the DATA DIRECTORY or INDEX DIRECTORY arguments to point to tables that can be created at a future time, potentially allowing access to subdirectories of the MySQL home data directory through symlinks.

Recommendations For MySQL versions prior to 5.0.67, update to version 5.0.67 or later to resolve the issue.