Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs

MySQL Mysqlhotcopy Script Insecure Temporary File Creation Vulnerability

Solution:
Red Hat has released advisory RHSA-2004:569-16 and fixes to address this and other issues on Red Hat Linux Enterprise platforms. Customers who are affected by this issue are advised to apply the appropriate updates. Customers subscribed to the Red Hat Network may apply the appropriate fixes using the Red Hat Update Agent (up2date). Please see referenced advisory for additional information.

SuSE has released advisory (SUSE-SA:2004:030), in the addendum of this advisory it is announced that a mysql fix to address this vulnerability is available on the SuSE updates FTP server:
ftp://ftp.suse.com

Gentoo has released an advisory (GLSA 200409-02) and an updated eBuild to address this issue on Gentoo Linux systems. Users are recommended to run the following sequence of commands as a superuser to apply this update:
emerge sync
emerge -pv ">=dev-db/mysql-4.0.20-r1"
emerge ">=dev-db/mysql-4.0.20-r1"

Debian has released an advisory (DSA 540-1) to address this issue. Please see the referenced advisory for more information.

OpenBSD has applied fixes to the ports tree of OpenBSD-current, and the patch branches of 3.4 and 3.5. These patches are in CVS as of 23 Aug 2004.

Mandrake Linux has released advisory MDKSA-2004:119 along with fixes dealing with this and other issues. Please see the referenced advisory for more information.

SuSE has released a security summary report (SUSE-SR:2004:001) to address this and other issues. The report indicates that a fix for this issue is available on the SuSE FTP server and also through the YaST Online Update utility. Customers are advised to peruse the referenced advisory for further details regarding obtaining and applying appropriate fixes.

RedHat Fedora has made an advisory available (FEDORA-2004-530) dealing with this and other issues. Please see the referenced advisory for more information.

TurboLinux has released Security Announcement 17/Feb/2005 dealing with this and other issues; please see the reference section for more information.

A Fedora Legacy advisory FLSA:2129 is available to address this issue in Red Hat Linux 7.3, Red Hat Linux 9, and Fedora Core 1 for the i386 architecture. Please see the referenced advisory for more information.


MySQL AB MySQL 3.23.49

MySQL AB MySQL 4.0.20

S.u.S.E. Linux Personal 9.0 x86_64

S.u.S.E. Linux Personal 9.0

S.u.S.E. Linux Personal 9.1







 

Privacy Statement
Copyright 2008, SecurityFocus