MySQL Rename Table? Explicit Data Directory?

[Ebonesser]

I searched my friends website with Acunetix and found this:

The MySQL Enterprise Server is affected by multiple vulnerabilities.
1. Using RENAME TABLE against a table with explicit DATA DIRECTORY and INDEX DIRECTORY options can be used to overwrite system table information.
2. ALTER VIEW retained the original DEFINER value, even when altered by another user, which could allow that user to gain the access rights of the view.
3. When using a FEDERATED table, the local server can be forced to crash if the remote server returns a result with fewer columns than expected.

Somebody who knows how to execute or exploit at least nr 1 or 2?
I can NOTHING about SQL or MySQL. Any help would be appreciated.
I'm doing this for fun. To play a prank on my friend xD

Ps: He's using MySQL Enterprise Server v.5.0.52

[chocochaos]

The only way to exploit those would be if you already have access to the database and can execute one of those queries, or if one of the scripts he uses has an sql injection vulnerabilty.
So, your plan is probably not going to work...

[Danne206]

Google up SQL Injection.

[Kiev]

No one here will tell you (atleast publically) how to do this. As this site does not endorse hacking. xD

[Ebonesser]

ok
Thanks for th help then...