6 matches found
FreeBSD : mysql -- mysqlhotcopy insecure temporary file creation (0c4d5973-f2ab-11d8-9837-000c41e2cdad)
According to Christian Hammers : mysqlhotcopy created temporary files in /tmp which had predictable filenames and such could be used for a tempfile run attack. Jeroen van Wolffelaar is credited with discovering the issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text a...
FreeBSD Ports: mysql-scripts
The remote host is missing an update to the system as announced in the referenced advisory. VID 0c4d5973-f2ab-11d8-9837-000c41e2cdad OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
CVE-2004-0973
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2004-0457. Reason: This candidate is a reservation duplicate of CVE-2004-0457. Notes: All CVE users should reference CVE-2004-0457 instead of this candidate. All references and descriptions in this candidate have been removed to...
Debian DSA-540-1 : mysql - insecure file creation
Jeroen van Wolffelaar discovered an insecure temporary file vulnerability in the mysqlhotcopy script when using the scp method which is part of the mysql-server package. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
CVE-2004-0457
The mysqlhotcopy script in mysql 4.0.20 and earlier, when using the scp method from the mysql-server package, allows local users to overwrite arbitrary files via a symlink attack on temporary files...
CVE-2004-0457
CVE-2004-0457: The mysqlhotcopy script in MySQL