The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and other versions including 3.x, allows local users to overwrite arbitrary files or read temporary files via a symlink attack on temporary files.
References
Configurations
History
20 Nov 2024, 23:54
Type | Values Removed | Values Added |
---|---|---|
References | () http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000947 - Third Party Advisory | |
References | () http://lists.mysql.com/internals/20600 - Third Party Advisory | |
References | () http://marc.info/?l=bugtraq&m=110608297217224&w=2 - Third Party Advisory | |
References | () http://mysql.osuosl.org/doc/mysql/en/News-4.1.10.html - Broken Link | |
References | () http://secunia.com/advisories/13867 - Not Applicable | |
References | () http://sunsolve.sun.com/search/document.do?assetkey=1-26-101864-1 - Broken Link | |
References | () http://www.debian.org/security/2005/dsa-647 - Patch, Vendor Advisory | |
References | () http://www.mandriva.com/security/advisories?name=MDKSA-2005:036 - Broken Link | |
References | () http://www.securityfocus.com/bid/12277 - Patch, Third Party Advisory, VDB Entry, Vendor Advisory | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/18922 - Third Party Advisory, VDB Entry |
Information
Published : 2005-04-14 04:00
Updated : 2024-11-20 23:54
NVD link : CVE-2005-0004
Mitre link : CVE-2005-0004
CVE.ORG link : CVE-2005-0004
JSON object : View
Products Affected
debian
- debian_linux
oracle
- mysql
mariadb
- mariadb
CWE
CWE-59
Improper Link Resolution Before File Access ('Link Following')