CVE-2005-0711 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2005-0711
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2005-0711

Description: MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names when creating temporary tables, which allows local users with CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a symlink attack.

CVE Status: Candidate

References: VULNWATCH http://archives.neohapsis.com/archives/vulnwatch/2005-q1/0082.html UBUNTU http://www.ubuntulinux.org/support/documentation/usn/usn-96-1 TRUSTIX http://www.trustix.org/errata/2005/0009/ SUSE http://www.novell.com/linux/security/advisories/2005_19_mysql.html SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-101864-1 REDHAT http://www.redhat.com/support/errata/RHSA-2005-348.html http://www.redhat.com/support/errata/RHSA-2005-334.html MANDRAKE http://www.mandrakesoft.com/security/advisories?name=MDKSA-2005:060 GENTOO http://www.gentoo.org/security/en/glsa/glsa-200503-19.xml DEBIAN http://www.debian.org/security/2005/dsa-707 BID 12781 APPLE http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html

Return to the previous page.