MySQL mysql_install_db Insecure Temporary File Creation

Thursday May 19th 2005 by DatabaseJournal.com Staff
Share:

A vulnerability in MySQL, which can be exploited by malicious, local users to conduct various actions on a vulnerable system with escalated privileges has been reported.

[From Secunia]

Eric Romang has reported a vulnerability in MySQL, which can be exploited by malicious, local users to conduct various actions on a vulnerable system with escalated privileges.

The vulnerability is caused due to the mysql_install_db script creating the temporary file "mysql_install_db.$$" insecurely.

The article continues at http://secunia.com/advisories/15369/

Share:
Home
Mobile Site | Full Site
Copyright 2017 © QuinStreet Inc. All Rights Reserved