CVE-2005-0004

The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and other versions including 3.x, allows local users to overwrite arbitrary files or read temporary files via a symlink attack on temporary files.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*

History

20 Nov 2024, 23:54

Type Values Removed Values Added
References () http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000947 - Third Party Advisory () http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000947 - Third Party Advisory
References () http://lists.mysql.com/internals/20600 - Third Party Advisory () http://lists.mysql.com/internals/20600 - Third Party Advisory
References () http://marc.info/?l=bugtraq&m=110608297217224&w=2 - Third Party Advisory () http://marc.info/?l=bugtraq&m=110608297217224&w=2 - Third Party Advisory
References () http://mysql.osuosl.org/doc/mysql/en/News-4.1.10.html - Broken Link () http://mysql.osuosl.org/doc/mysql/en/News-4.1.10.html - Broken Link
References () http://secunia.com/advisories/13867 - Not Applicable () http://secunia.com/advisories/13867 - Not Applicable
References () http://sunsolve.sun.com/search/document.do?assetkey=1-26-101864-1 - Broken Link () http://sunsolve.sun.com/search/document.do?assetkey=1-26-101864-1 - Broken Link
References () http://www.debian.org/security/2005/dsa-647 - Patch, Vendor Advisory () http://www.debian.org/security/2005/dsa-647 - Patch, Vendor Advisory
References () http://www.mandriva.com/security/advisories?name=MDKSA-2005:036 - Broken Link () http://www.mandriva.com/security/advisories?name=MDKSA-2005:036 - Broken Link
References () http://www.securityfocus.com/bid/12277 - Patch, Third Party Advisory, VDB Entry, Vendor Advisory () http://www.securityfocus.com/bid/12277 - Patch, Third Party Advisory, VDB Entry, Vendor Advisory
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/18922 - Third Party Advisory, VDB Entry () https://exchange.xforce.ibmcloud.com/vulnerabilities/18922 - Third Party Advisory, VDB Entry

Information

Published : 2005-04-14 04:00

Updated : 2024-11-20 23:54


NVD link : CVE-2005-0004

Mitre link : CVE-2005-0004

CVE.ORG link : CVE-2005-0004


JSON object : View

Products Affected

debian

  • debian_linux

oracle

  • mysql

mariadb

  • mariadb
CWE
CWE-59

Improper Link Resolution Before File Access ('Link Following')