FreeBSD : mysql -- mysqlhotcopy insecure temporary file creation (0c4d5973-f2ab-11d8-9837-000c41e2cdad)

According to Christian Hammers : mysqlhotcopy created temporary files in /tmp which had predictable filenames and such could be used for a tempfile run attack. Jeroen van Wolffelaar is credited with discovering the issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text a...

openSUSE 10 Security Update : libmysqlclient-devel (libmysqlclient-devel-5619)

Empty bit-strings in a query could crash the MySQL server CVE-2008-3963. Due to another flaw users could access tables of other users CVE-2008-4097, CVE-2008-4098. This update also fixes the previously broken mysqlhotcopy script. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptiv...

Gentoo Security Advisory GLSA 200409-02 (MySQL)

The remote host is missing updates announced in advisory GLSA 200409-02. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200409-02 (MySQL)

The remote host is missing updates announced in advisory GLSA 200409-02. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 540-1 (mysql)

The remote host is missing an update to mysql announced via advisory DSA 540-1. OpenVAS Vulnerability Test $Id: deb5401.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 540-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

MySQL symbolic links problem

mysqlhotcopy, mysqlaccess unsafe temporary files creation...

security flaw

The mysqlhotcopy script in mysql 4.0.20 and earlier, when using the scp method from the mysql-server package, allows local users to overwrite arbitrary files via a symlink attack on temporary files...

CVE-2004-0457

The mysqlhotcopy script in mysql 4.0.20 and earlier, when using the scp method from the mysql-server package, allows local users to overwrite arbitrary files via a symlink attack on temporary files...

MySQL: Insecure temporary file creation in mysqlhotcopy

Background MySQL is a popular open-source multi-threaded, multi-user SQL database server. Description Jeroen van Wolffelaar discovered that the MySQL database hot copy utility mysqlhotcopy.sh, when using the scp method, uses temporary files with predictable names. A malicious local user with writ...

DSA-540 mysql-dfsg - insecure file creation

Bulletin has no description...

mysql -- mysqlhotcopy insecure temporary file creation

According to Christian Hammers: mysqlhotcopy created temporary files in /tmp which had predictable filenames and such could be used for a tempfile run attack. Jeroen van Wolffelaar is credited with discovering the issue...