Published: 02/05/2005 Updated: 17/12/2019

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

VMScore: 215

Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N

MySQL 4.0.23 and previous versions, and 4.1.x up to 4.1.10, uses predictable file names when creating temporary tables, which allows local users with CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a symlink attack.

Vulnerable Product	Search on Vulmon	Subscribe to Product
oracle mysql 4.0.0
oracle mysql 4.0.1
oracle mysql 4.0.15
oracle mysql 4.0.18
oracle mysql 4.0.5
oracle mysql 4.0.5a
mysql mysql 4.1.0
oracle mysql 4.1.0
oracle mysql 3.23.49
oracle mysql 4.0.13
oracle mysql 4.0.14
oracle mysql 4.0.3
oracle mysql 4.0.4
oracle mysql 4.0.9
oracle mysql 4.1.4
oracle mysql 4.1.5
oracle mysql 4.0.10
oracle mysql 4.0.11
oracle mysql 4.0.2
oracle mysql 4.0.20
oracle mysql 4.0.6
oracle mysql 4.0.7
mysql mysql 4.1.10
oracle mysql 4.1.2
oracle mysql 4.0.12
oracle mysql 4.0.21
oracle mysql 4.0.23
oracle mysql 4.0.8
mysql mysql 4.1.3
oracle mysql 4.1.3

Stefano Di Paola discovered three privilege escalation flaws in the MySQL server: ...

Synopsis mysql security update Type/Severity Security Advisory: Important Topic Updated mysql packages that fix several vulnerabilities are now availableThis update has been rated as having important security impact by the RedHat Security Response Team Description MySQL is a multi-user, m ...

Synopsis mysql-server security update Type/Severity Security Advisory: Important Topic Updated mysql-server packages that fix several vulnerabilities are nowavailableThis update has been rated as having important security impact by the RedHat Security Response Team Description MySQL is a ...

Several vulnerabilities have been discovered in MySQL, a popular database The Common Vulnerabilities and Exposures project identifies the following problems: CAN-2004-0957 Sergei Golubchik discovered a problem in the access handling for similar named databases If a user is granted privileges to a database with a name containing an un ...

source: wwwsecurityfocuscom/bid/12781/info MySQL is reported prone to multiple vulnerabilities that can be exploited by a remote authenticated attacker The following individual issues are reported: - Insecure temporary file-creation vulnerability Reports indicate that an attacker with 'CREATE TEMPORARY TABLE' privileges on an affec ...

NVD-CWE-Other http://archives.neohapsis.com/archives/vulnwatch/2005-q1/0082.html http://www.debian.org/security/2005/dsa-707 http://www.gentoo.org/security/en/glsa/glsa-200503-19.xml http://www.redhat.com/support/errata/RHSA-2005-334.html http://www.novell.com/linux/security/advisories/2005_19_mysql.html http://www.trustix.org/errata/2005/0009/http://www.securityfocus.com/bid/12781 http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html http://www.redhat.com/support/errata/RHSA-2005-348.html http://sunsolve.sun.com/search/document.do?assetkey=1-26-101864-1 http://www.mandriva.com/security/advisories?name=MDKSA-2005:060 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9591 https://usn.ubuntu.com/96-1/https://usn.ubuntu.com/96-1/https://nvd.nist.gov https://www.exploit-db.com/exploits/25211/

CVE-2005-0711

Vulnerability Summary

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect