MySQL mysql_install_db Insecure Temporary File Creation

May 19, 2005

[From Secunia]

Eric Romang has reported a vulnerability in MySQL, which can be exploited by malicious, local users to conduct various actions on a vulnerable system with escalated privileges.

The vulnerability is caused due to the mysql_install_db script creating the temporary file "mysql_install_db.$$" insecurely.

The article continues at http://secunia.com/advisories/15369/








The Network for Technology Professionals

Search:

About Internet.com

Legal Notices, Licensing, Permissions, Privacy Policy.
Advertise | Newsletters | E-mail Offers