| VID |
25037 |
| Severity |
40 |
| Port |
3306 |
| Protocol |
TCP |
| Class |
DB |
| Detailed Description |
The version of the relevant MySQL server is older than version 4.0.21.
The mysqlhotcopy script in MySQL versions 4.0.20 and earlier contains an insecure temporary file creation vulnerability. The result of this is that temporary files created by the application may use predictable filenames. This issue presents itself when the 'scp' method is used with the script. A local attacker could use this vulnerability to create symbolic links from the predictable files to overwrite or create arbitrary files on the system.
* Note: This check solely relied on the version number of the remote system to assess this vulnerability, so this might be a false positive.
* Platforms Affected:
MySQL AB, MySQL 4.0.20 and prior
Any operating system Any version |
| Recommendation |
Upgrade to the latest version of MySQL (4.0.21 or later), available from MySQL Web site at http://dev.mysql.com/downloads/mysql/4.0.html
For Debian GNU/Linux 3.0 (woody):
Upgrade to the latest version of MySQL (3.23.49-8.7 or later), as listed in Debian Security Advisory DSA-540-1 at http://www.debian.org/security/2004/dsa-540
For Gentoo Linux:
Upgrade to the latest version of mysql (4.0.20-r1 or later), as listed in Gentoo Linux Security Advisory GLSA 200409-02 at http://www.gentoo.org/security/en/glsa/glsa-200409-02.xml
For other distributions:
Contact your vendor for upgrade or patch information. |
| Related URL |
CVE-2004-0457 (CVE) |
| Related URL |
10969 (SecurityFocus) |
| Related URL |
17030 (ISS) |
|
