New Search

MySQL 4.0.23 and earlier and 4.1.x up to 4.1.10 uses predictable file names when creating temporary tables which allows local users with CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a symlink attack.

oval:org.mitre.oval:def:9591

MySQL 4.0.23 and earlier and 4.1.x up to 4.1.10 uses predictable file names when creating temporary tables which allows local users with CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a symlink attack.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • CentOS Linux 4
  • Red Hat Enterprise Linux 3
  • Red Hat Enterprise Linux 4
  • Oracle Linux 4
  • CentOS Linux 3
Class:
vulnerability
Reference(s):
  • CVE-2005-0711
Product(s):