MySQL Mysqlhotcopy Script Insecure Temporary File Creation Vulnerability

Bugtraq ID: 10969
Class: Design Error
CVE: CVE-2004-0457
Remote: No
Local: Yes
Published: Aug 18 2004 12:00AM
Updated: Jul 12 2009 06:16AM
Credit: Discovery is credited to Jeroen van Wolffelaar <jeroen@wolffelaar.nl>.
Vulnerable: SuSE Linux 8.1
SuSE Linux 8.0
S.u.S.E. Linux Personal 9.2
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Personal 9.0 x86_64
S.u.S.E. Linux Personal 9.0
S.u.S.E. Linux Personal 8.2
Redhat Linux 9.0 i386
Redhat Linux 7.3 i386
Redhat Fedora Core1
Redhat Enterprise Linux WS 3
Redhat Enterprise Linux ES 3
Redhat Enterprise Linux AS 3
Redhat Desktop 3.0
MySQL AB MySQL 4.0.20
+ Mandriva Linux Mandrake 10.1 x86_64
+ Mandriva Linux Mandrake 10.1
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
MySQL AB MySQL 3.23.49
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Redhat Linux 7.3 i686
+ Redhat Linux 7.3 i386
+ Redhat Linux 7.3
Mandriva Linux Mandrake 10.1 x86_64
Mandriva Linux Mandrake 10.1
Mandriva Linux Mandrake 10.0 AMD64
Mandriva Linux Mandrake 10.0
Mandriva Linux Mandrake 9.2 amd64
Mandriva Linux Mandrake 9.2
MandrakeSoft Corporate Server 2.1 x86_64
MandrakeSoft Corporate Server 2.1
Gentoo Linux 1.4 _rc3
Gentoo Linux 1.4 _rc2
Gentoo Linux 1.4 _rc1
Gentoo Linux 1.4
Gentoo Linux 1.2
Gentoo Linux 1.1 a
Gentoo Linux 0.7
Gentoo Linux 0.5
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus