Lucene search
Ubuntu.comUB:CVE-2013-2162HistoryJun 10, 2013 - 12:00 a.m.
CVE-2013-2162
2013-06-1000:00:00
ubuntu.com
ubuntu.com
5
1.9 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
5.1%
Race condition in the post-installation script (mysql-server-5.5.postinst)
for MySQL Server 5.5 for Debian GNU/Linux and Ubuntu Linux creates a
configuration file with world-readable permissions before restricting the
permissions, which allows local users to read the file and obtain sensitive
information such as credentials.
Bugs
Notes
| Author | Note |
|---|---|
| jdstrand | mysql-cluster-7.0 not supported per Ubuntu Server team |
Related
prion
prion
Race condition
2013-08-19 13:07:00
nessus
nessus
MySQL debian.cnf Plaintext Credential Disclosure
2014-01-08 00:00:00
Debian DLA-75-1 : mysql-5.1 security update
2015-03-26 00:00:00
nvd
nvd
CVE-2013-2162
2013-08-19 13:07:40
cve
cve
CVE-2013-2162
2013-08-19 13:07:40
cvelist
cvelist
CVE-2013-2162
2013-08-19 00:00:00
osv
osv
mysql-5.5 - several
2013-12-16 00:00:00
mysql-5.1 - security update
2014-10-22 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-75-1)
2023-03-08 00:00:00
Ubuntu: Security Advisory (USN-1909-1)
2013-08-08 00:00:00
Ubuntu Update for mysql-5.5 USN-1909-1
2013-08-08 00:00:00
debian
debian
[SECURITY] [DLA 75-1] mysql-5.1 security update
2014-10-22 06:46:31
[SECURITY] [DSA 2818-1] mysql-5.5 security update
2013-12-16 15:57:29
[SECURITY] [DSA 2818-1] mysql-5.5 security update
2013-12-16 15:57:29
ubuntu
ubuntu
MySQL vulnerabilities
2013-07-25 00:00:00
1.9 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
5.1%
Related for UB:CVE-2013-2162