MySQL mysql_install_db Insecure Temporary File Creation

[From Secunia]

Eric Romang has reported a vulnerability in MySQL, which can be exploited by malicious, local users to conduct various actions on a vulnerable system with escalated privileges.

The vulnerability is caused due to the mysql_install_db script creating the temporary file “mysql_install_db.$$” insecurely.

The article continues at

Latest Articles