• Tenable
  • CVEs
  • Settings
    Links
    Tenable.io Tenable Community & Support Tenable University
    Severity
    Theme
  • Tenable
  • Links
  • Tenable.io
  • Tenable Community & Support
  • Tenable University
  • Settings
  • Severity
  • Theme
  • Newest
  • Updated
  • Search
  • Newest
  • Updated
  • Search
  1. CVEs
  2. CVE-2005-0711
  1. CVEs

CVE-2005-0711

low
  • Information
  • CPEs
  • Plugins

Description

MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names when creating temporary tables, which allows local users with CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a symlink attack.

References

http://archives.neohapsis.com/archives/vulnwatch/2005-q1/0082.html

http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html

http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html

http://sunsolve.sun.com/search/document.do?assetkey=1-26-101864-1

http://www.debian.org/security/2005/dsa-707

http://www.gentoo.org/security/en/glsa/glsa-200503-19.xml

http://www.mandriva.com/security/advisories?name=MDKSA-2005:060

http://www.novell.com/linux/security/advisories/2005_19_mysql.html

http://www.redhat.com/support/errata/RHSA-2005-334.html

http://www.redhat.com/support/errata/RHSA-2005-348.html

http://www.securityfocus.com/bid/12781

http://www.trustix.org/errata/2005/0009/

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9591

https://usn.ubuntu.com/96-1/

Details

Source: MITRE

Published: 2005-05-02

Updated: 2019-12-17

Type: NVD-CWE-Other

Risk Information

CVSS v2

Base Score: 2.1

Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 3.9

Severity: LOW

  • Tenable.com
  • Community & Support
  • Documentation
  • Education
  • © 2022 Tenable®, Inc. All Rights Reserved
  • Privacy Policy
  • Legal
  • 508 Compliance