MySQL Database MySQLAccess Local Insecure Temporary File Creation Vulnerability

Bugtraq ID:	12277
Class:	Design Error
CVE:	CVE-2005-0004
Remote:	No
Local:	Yes
Published:	Jan 17 2005 12:00AM
Updated:	Jul 12 2009 10:06AM
Credit:	Javier Fernández-Sanguino Peña is credited with the discovery of this issue.
Vulnerable:	Sun Solaris 10.0_x86 Sun Solaris 10 RedHat Linux 9.0 i386 RedHat Linux 7.3 i386 Red Hat Fedora Core1 MySQL AB MySQL 4.1.5 MySQL AB MySQL 4.1.4 MySQL AB MySQL 4.1.3 -beta MySQL AB MySQL 4.1.3 -beta MySQL AB MySQL 4.1.3 -0 MySQL AB MySQL 4.1.2 -alpha MySQL AB MySQL 4.0.21 MySQL AB MySQL 4.0.20 + Mandriva Linux Mandrake 10.1 x86_64 + Mandriva Linux Mandrake 10.1 + Ubuntu Ubuntu Linux 4.1 ppc + Ubuntu Ubuntu Linux 4.1 ia64 + Ubuntu Ubuntu Linux 4.1 ia32 MySQL AB MySQL 4.0.18 + MandrakeSoft Corporate Server 3.0 x86_64 + MandrakeSoft Corporate Server 3.0 + Mandriva Linux Mandrake 10.0 AMD64 + Mandriva Linux Mandrake 10.0 MySQL AB MySQL 4.0.15 + Conectiva Linux 10.0 + Mandriva Linux Mandrake 9.2 amd64 + Mandriva Linux Mandrake 9.2 + OpenPKG OpenPKG Current MySQL AB MySQL 4.0.14 + OpenPKG OpenPKG 1.3 + OpenPKG OpenPKG Current + Trustix Secure Linux 2.0 MySQL AB MySQL 4.0.13 MySQL AB MySQL 4.0.12 MySQL AB MySQL 4.0.11 -gamma MySQL AB MySQL 4.0.11 + Mandriva Linux Mandrake 9.1 ppc + Mandriva Linux Mandrake 9.1 MySQL AB MySQL 4.0.10 MySQL AB MySQL 4.0.9 -gamma MySQL AB MySQL 4.0.9 MySQL AB MySQL 4.0.8 -gamma MySQL AB MySQL 4.0.8 MySQL AB MySQL 4.0.7 -gamma MySQL AB MySQL 4.0.7 MySQL AB MySQL 4.0.6 MySQL AB MySQL 4.0.5 a MySQL AB MySQL 4.0.5 MySQL AB MySQL 4.0.4 MySQL AB MySQL 4.0.3 MySQL AB MySQL 4.0.2 MySQL AB MySQL 4.0.1 MySQL AB MySQL 4.0 .0 MySQL AB MySQL 4.1.0.0-alpha MySQL AB MySQL 4.1.0-0 Gentoo Linux Debian Linux 3.0 sparc Debian Linux 3.0 s/390 Debian Linux 3.0 ppc Debian Linux 3.0 mipsel Debian Linux 3.0 mips Debian Linux 3.0 m68k Debian Linux 3.0 ia-64 Debian Linux 3.0 ia-32 Debian Linux 3.0 hppa Debian Linux 3.0 arm Debian Linux 3.0 alpha

Not Vulnerable: