MySQL Mysqlhotcopy Script Insecure Temporary File Creation Vulnerability

Bugtraq ID: 10969
Class: Design Error
CVE: CVE-2004-0457
Remote: No
Local: Yes
Published: Aug 18 2004 12:00AM
Updated: Jul 12 2009 06:16AM
Credit: Discovery is credited to Jeroen van Wolffelaar <jeroen@wolffelaar.nl>.
Vulnerable: S.u.S.E. Linux Personal 9.2
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Personal 9.0 x86_64
S.u.S.E. Linux Personal 9.0
S.u.S.E. Linux Personal 8.2
S.u.S.E. Linux 8.1
S.u.S.E. Linux 8.0
RedHat Linux 9.0 i386
RedHat Linux 7.3 i386
RedHat Enterprise Linux WS 3
RedHat Enterprise Linux ES 3
RedHat Desktop 3.0
Red Hat Fedora Core1
Red Hat Enterprise Linux AS 3
MySQL AB MySQL 4.0.20
+ Mandriva Linux Mandrake 10.1 x86_64
 + Mandriva Linux Mandrake 10.1
+ Ubuntu Ubuntu Linux 4.1 ppc
 + Ubuntu Ubuntu Linux 4.1 ia64
 + Ubuntu Ubuntu Linux 4.1 ia32
 MySQL AB MySQL 3.23.49
+ Debian Linux 3.0 sparc
 + Debian Linux 3.0 s/390
 + Debian Linux 3.0 ppc
 + Debian Linux 3.0 mipsel
 + Debian Linux 3.0 mips
 + Debian Linux 3.0 m68k
 + Debian Linux 3.0 ia-64
 + Debian Linux 3.0 ia-32
 + Debian Linux 3.0 hppa
 + Debian Linux 3.0 arm
 + Debian Linux 3.0 alpha
 + RedHat Linux 7.3 i686
 + RedHat Linux 7.3 i386
 + RedHat Linux 7.3
Mandriva Linux Mandrake 10.1 x86_64
Mandriva Linux Mandrake 10.1
Mandriva Linux Mandrake 10.0 AMD64
Mandriva Linux Mandrake 10.0
Mandriva Linux Mandrake 9.2 amd64
Mandriva Linux Mandrake 9.2
MandrakeSoft Corporate Server 2.1 x86_64
MandrakeSoft Corporate Server 2.1
Gentoo Linux 1.4 _rc3
Gentoo Linux 1.4 _rc2
Gentoo Linux 1.4 _rc1
Gentoo Linux 1.4
Gentoo Linux 1.2
Gentoo Linux 1.1 a
Gentoo Linux 0.7
Gentoo Linux 0.5
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus