Description
It was discovered that the MySQL client ignored certain SSL certificate
verification errors when connecting to servers. A man-in-the-middle
attacker could use this flaw to trick MySQL clients into connecting to a
spoofed MySQL server. (CVE-2009-4028)
A flaw was found in the way MySQL handled SELECT statements with subqueries
in the WHERE clause, that assigned results to a user variable. A remote,
authenticated attacker could use this flaw to crash the MySQL server daemon
(mysqld). This issue only caused a temporary denial of service, as the
MySQL daemon was automatically restarted after the crash. (CVE-2009-4019)
When the "datadir" option was configured with a relative path, MySQL did
not properly check paths used as arguments for the DATA DIRECTORY and INDEX
DIRECTORY directives. An authenticated attacker could use this flaw to
bypass the restriction preventing the use of subdirectories of the MySQL
data directory being used as DATA DIRECTORY and INDEX DIRECTORY paths.
(CVE-2009-4030)