CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
EPSS
Percentile
25.5%
MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file
names when creating temporary tables, which allows local users with CREATE
TEMPORARY TABLE privileges to overwrite arbitrary files via a symlink
attack.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 6.06 | noarch | mysql-dfsg | < 4.0.24-10ubuntu2 | UNKNOWN |
ubuntu | 6.10 | noarch | mysql-dfsg | < 4.0.24-10ubuntu2 | UNKNOWN |
ubuntu | 6.06 | noarch | mysql-dfsg-4.1 | < 4.1.15-1ubuntu5 | UNKNOWN |
ubuntu | 6.10 | noarch | mysql-dfsg-4.1 | < 4.1.15-1ubuntu5 | UNKNOWN |
ubuntu | 6.06 | noarch | mysql-dfsg-5.0 | < 5.0.22-0ubuntu6.06.3 | UNKNOWN |
ubuntu | 6.10 | noarch | mysql-dfsg-5.0 | < 5.0.24a-9ubuntu0.1 | UNKNOWN |
ubuntu | 7.04 | noarch | mysql-dfsg-5.0 | < 5.0.38-0ubuntu1 | UNKNOWN |