Race condition in the post-installation script (mysql-server-5.5.postinst) for MySQL Server 5.5 for Debian GNU/Linux and Ubuntu Linux creates a configuration file with world-readable permissions before restricting the permissions, which allows local users to read the file and obtain sensitive information such as credentials.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
canonical ubuntu linux 13.04 |
||
canonical ubuntu linux 12.10 |
||
canonical ubuntu linux 12.04 |
||
canonical ubuntu linux 10.04 |