MySQL < 3.23.50 / 4.0.24 / 4.1.6 / 5.0.3 Insecure Temporary File Creation

This script is Copyright (C) 2012 Tenable Network Security, Inc.


Synopsis :

Arbitrary files could be read or overwritten via the remote database
server.

Description :

The version of MySQL installed on the remote host is older than
3.23.50, 4.0.24, 4.1.6 or 5.0.3. As such, the mysqlaccess script
included with it reportedly could be used to read or overwrite
arbitrary files via a symlink attack.

See also :

http://lists.mysql.com/internals/20600
http://lists.mysql.com/announce/269

Solution :

Upgrade to MySQL version 3.23.50 / 4.0.24 / 4.1.6 / 5.0.3 or
later.

Risk factor :

Medium / CVSS Base Score : 4.6
(CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 4.0
(CVSS2#E:H/RL:OF/RC:C)
Public Exploit Available : true

Family: Databases

Nessus Plugin ID: 17838 ()

Bugtraq ID: 12277

CVE ID: CVE-2005-0004