MySQL Mysqlhotcopy Script Insecure Temporary File Creation Vulnerability

Bugtraq ID:	10969
Class:	Design Error
CVE:	CVE-2004-0457
Remote:	No
Local:	Yes
Published:	Aug 18 2004 12:00AM
Updated:	Jul 12 2009 06:16AM
Credit:	Discovery is credited to Jeroen van Wolffelaar <jeroen@wolffelaar.nl>.
Vulnerable:	S.u.S.E. Linux Personal 9.2 S.u.S.E. Linux Personal 9.1 S.u.S.E. Linux Personal 9.0 x86_64 S.u.S.E. Linux Personal 9.0 S.u.S.E. Linux Personal 8.2 S.u.S.E. Linux 8.1 S.u.S.E. Linux 8.0 RedHat Linux 9.0 i386 RedHat Linux 7.3 i386 RedHat Fedora Core1 RedHat Enterprise Linux WS 3 RedHat Enterprise Linux ES 3 RedHat Enterprise Linux AS 3 RedHat Desktop 3.0 MySQL AB MySQL 4.0.20 + MandrakeSoft Linux Mandrake 10.1 x86_64 + MandrakeSoft Linux Mandrake 10.1 + Ubuntu Ubuntu Linux 4.1 ppc + Ubuntu Ubuntu Linux 4.1 ia64 + Ubuntu Ubuntu Linux 4.1 ia32 MySQL AB MySQL 3.23.49 + Debian Linux 3.0 sparc + Debian Linux 3.0 s/390 + Debian Linux 3.0 ppc + Debian Linux 3.0 mipsel + Debian Linux 3.0 mips + Debian Linux 3.0 m68k + Debian Linux 3.0 ia-64 + Debian Linux 3.0 ia-32 + Debian Linux 3.0 hppa + Debian Linux 3.0 arm + Debian Linux 3.0 alpha + RedHat Linux 7.3 i686 + RedHat Linux 7.3 i386 + RedHat Linux 7.3 MandrakeSoft Linux Mandrake 10.1 x86_64 MandrakeSoft Linux Mandrake 10.1 MandrakeSoft Linux Mandrake 10.0 AMD64 MandrakeSoft Linux Mandrake 10.0 MandrakeSoft Linux Mandrake 9.2 amd64 MandrakeSoft Linux Mandrake 9.2 MandrakeSoft Corporate Server 2.1 x86_64 MandrakeSoft Corporate Server 2.1 Gentoo Linux 1.4 _rc3 Gentoo Linux 1.4 _rc2 Gentoo Linux 1.4 _rc1 Gentoo Linux 1.4 Gentoo Linux 1.2 Gentoo Linux 1.1 a Gentoo Linux 0.7 Gentoo Linux 0.5

Not Vulnerable: