Lucene search

[email protected]NVD:CVE-2005-0711

HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-0711

2005-05-0204:00:00

[email protected]

web.nvd.nist.gov

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

AI Score

8.6

Confidence

High

EPSS

0.001

Percentile

25.5%

JSON

MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names when creating temporary tables, which allows local users with CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a symlink attack.

Affected configurations

NVD

Node

mysqlmysqlMatch4.1.0

mysqlmysqlMatch4.1.3

mysqlmysqlMatch4.1.10

oraclemysqlMatch3.23.49

oraclemysqlMatch4.0.0

oraclemysqlMatch4.0.1

oraclemysqlMatch4.0.2

oraclemysqlMatch4.0.3

oraclemysqlMatch4.0.4

oraclemysqlMatch4.0.5

oraclemysqlMatch4.0.5a

oraclemysqlMatch4.0.6

oraclemysqlMatch4.0.7

oraclemysqlMatch4.0.7gamma

oraclemysqlMatch4.0.8

oraclemysqlMatch4.0.8gamma

oraclemysqlMatch4.0.9

oraclemysqlMatch4.0.9gamma

oraclemysqlMatch4.0.10

oraclemysqlMatch4.0.11

oraclemysqlMatch4.0.11gamma

oraclemysqlMatch4.0.12

oraclemysqlMatch4.0.13

oraclemysqlMatch4.0.14

oraclemysqlMatch4.0.15

oraclemysqlMatch4.0.18

oraclemysqlMatch4.0.20

oraclemysqlMatch4.0.21

oraclemysqlMatch4.0.23

oraclemysqlMatch4.1.0alpha

oraclemysqlMatch4.1.2alpha

oraclemysqlMatch4.1.3beta

oraclemysqlMatch4.1.4

oraclemysqlMatch4.1.5

References

archives.neohapsis.com/archives/vulnwatch/2005-q1/0082.html

lists.apple.com/archives/security-announce/2005//Aug/msg00001.html

lists.apple.com/archives/security-announce/2005/Aug/msg00000.html

sunsolve.sun.com/search/document.do?assetkey=1-26-101864-1

www.debian.org/security/2005/dsa-707

www.gentoo.org/security/en/glsa/glsa-200503-19.xml

www.mandriva.com/security/advisories?name=MDKSA-2005:060

www.novell.com/linux/security/advisories/2005_19_mysql.html

www.redhat.com/support/errata/RHSA-2005-334.html

www.redhat.com/support/errata/RHSA-2005-348.html

www.securityfocus.com/bid/12781

www.trustix.org/errata/2005/0009/

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9591

usn.ubuntu.com/96-1/

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

AI Score

8.6

Confidence

High

EPSS

0.001

Percentile

25.5%

JSON

Related for NVD:CVE-2005-0711

cve1 ubuntucve1 cvelist1 openvas9 nessus17 freebsd1 suse1 redhat2 centos1 ubuntu1 gentoo1 osv1 debian2