OSVDB ID: 6421

Title: MySQL mysqld_multi Symlink Arbitrary File Overwrite

Info

Dates

Disclosure: Mar 24, 2004
Discovery: Unknown
Exploit: Mar 24, 2004
Solution: Unknown

Description

MySQL contains a flaw that may allow a malicious user to overwrite arbitrary files. The problem is that the "mysqld_multi" script creates files with insecure permissions. It is possible that a malicious user could create a symlink to this file, which could allow arbitrary files on the system to be overwritten, resulting in a loss of integrity.

Classification

Location: Local Access Required
Attack Type: Input Manipulation, Race Condition
Impact: Loss of Integrity
Exploit: Exploit Public
Disclosure: OSVDB Verified

Solution

Upgrade to version 4.0.20 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

MySQL

MySQL

4.0.18

References

Credit

  • Shaun Colley - shaunigeyahoo.co.uk


Direct URL: http://osvdb.org/6421