Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0381

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2004-0381
Last Modified 07 Mar 2011 09:15:47
Published 04 May 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2004-0381

Summary

mysqlbug in MySQL allows local users to overwrite arbitrary files via a symlink attack on the failed-mysql-bugreport temporary file.

Vulnerable Systems

Application

  • Mysql 3.20.32a

  • Mysql 3.22.26

  • Mysql 3.22.27

  • Mysql 3.22.28

  • Mysql 3.22.29

  • Mysql 3.22.30

  • Mysql 3.22.32

  • Mysql 3.23.10

  • Mysql 3.23.2

  • Mysql 3.23.22

  • Mysql 3.23.23

  • Mysql 3.23.24

  • Mysql 3.23.25

  • Mysql 3.23.26

  • Mysql 3.23.27

  • Mysql 3.23.28

  • Mysql 3.23.29

  • Mysql 3.23.3

  • Mysql 3.23.30

  • Mysql 3.23.31

  • Mysql 3.23.32

  • Mysql 3.23.33

  • Mysql 3.23.34

  • Mysql 3.23.36

  • Mysql 3.23.37

  • Mysql 3.23.38

  • Mysql 3.23.39

  • Mysql 3.23.40

  • Mysql 3.23.41

  • Mysql 3.23.42

  • Mysql 3.23.43

  • Mysql 3.23.44

  • Mysql 3.23.45

  • Mysql 3.23.46

  • Mysql 3.23.47

  • Mysql 3.23.48

  • Mysql 3.23.49

  • Mysql 3.23.5

  • Mysql 3.23.50

  • Mysql 3.23.51

  • Mysql 3.23.52

  • Mysql 3.23.53

  • Mysql 3.23.53a

  • Mysql 3.23.54

  • Mysql 3.23.54a

  • Mysql 3.23.55

  • Mysql 3.23.56

  • Mysql 3.23.58

  • Mysql 3.23.8

  • Mysql 3.23.9

  • Mysql 4.0.0

  • Mysql 4.0.1

  • Mysql 4.0.10

  • Mysql 4.0.11

  • Mysql 4.0.12

  • Mysql 4.0.13

  • Mysql 4.0.14

  • Mysql 4.0.15

  • Mysql 4.0.18

  • Mysql 4.0.2

  • Mysql 4.0.3

  • Mysql 4.0.4

  • Mysql 4.0.5

  • Mysql 4.0.5a

  • Mysql 4.0.6

  • Mysql 4.0.7

  • Mysql 4.0.8

  • Mysql 4.0.9

  • Mysql 4.1.0

  • Mysql 4.1.0.0


References

BID - 9976

BUGTRAQ - 20040414 [OpenPKG-SA-2004.014] OpenPKG Security Advisory (mysql)

XF - mysql-mysqlbug-symlink(15617)

REDHAT - RHSA-2004:597

REDHAT - RHSA-2004:569

DEBIAN - DSA-483

CIAC - P-018

GENTOO - GLSA-200405-20

BUGTRAQ - 20040324 mysqlbug tmpfile/symlink vulnerability.

MANDRAKE - MDKSA-2004:034


Last Updated: 27 May 2016 10:38:35