Multiple vulnerabilities has been found and corrected in mysql: MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service via an ALTER DATABASE command with a #mysql50# string followed by a . , .. , ../ or similar sequence, and an UPGRADE DATA DIRECTORY NAME command, which causes MySQL to move certain directories to the server data director ...