CVE-2005-0004

NameCVE-2005-0004
DescriptionThe mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and other versions including 3.x, allows local users to overwrite arbitrary files or read temporary files via a symlink attack on temporary files.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
ReferencesDSA-647-1
NVD severitymedium (attack range: local)

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
mysqlsourcewoody3.23.49-8.9mediumDSA-647-1
mysql-dfsgsource(unstable)4.0.23-3medium
mysql-dfsg-4.1source(unstable)4.1.8a-6medium

Search for package or bug name: Reporting problems