9 matches found
CAN-2005-1636
CVE-2005-1636 is a MySQL vulnerability describing an insecure temporary file handling bug in the mysql_install_db script that could allow a local user to execute arbitrary SQL commands during installation. Public advisories (RHSA-2005:685, DSA-783-1, CentOS CES A-2005:685, MDKSA-2006:045) cite up...
CentOS 4 : mysql (CESA-2005:685)
Updated mysql packages that fix a temporary file flaw and a number of bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisti...
FreeBSD Ports: mysql-server
The remote host is missing an update to the system as announced in the referenced advisory. VID eeae6cce-d05c-11d9-9aed-000e0c2e438a OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
FreeBSD Ports: mysql-server
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Debian Security Advisory DSA 783-1 (mysql-dfsg-4.1)
The remote host is missing an update to mysql-dfsg-4.1 announced via advisory DSA 783-1. Eric Romang discovered a temporary file vulnerability in a script accompanied with MySQL, a popular database, that allows an attacker to execute arbitrary SQL commands when the server is installed or updated...
MDKSA-2006:045 : MySQL
Eric Romang discovered a temporary file vulnerability in the mysqlinstalldb script provided with MySQL. This vulnerability only affects versions of MySQL 4.1.x prior to 4.1.12. The updated packages have been patched to address this issue. %NASLMINLEVEL 999999 @DEPRECATED@ This script has been...
RHEL 4 : mysql (RHSA-2005:685)
The remote Redhat Enterprise Linux 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2005:685 advisory. MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many...
CVE-2005-1636
CVE-2005-1636 affects MySQL 4.1.x before 4.1.12 and 5.x up to 5.0.4. The mysql_install_db script creates a temporary file (mysql_install_db.X) with a predictable name and insecure permissions, enabling a local user to modify the file and execute arbitrary SQL commands during installation. Remedia...
CVE-2005-1636
mysqlinstalldb in MySQL 4.1.x before 4.1.12 and 5.x up to 5.0.4 creates the mysqlinstalldb.X file with a predictable filename and insecure permissions, which allows local users to execute arbitrary SQL commands by modifying the file's contents...