Red Hat Bugzilla – Bug 150868
CAN-2005-0711 Insecure temporary file creation with CREATE TEMPORARY TABLE
Last modified: 2013-07-02 23:04:33 EDT
Description of problem:
If an authenticated user has CREATE TEMPORARY TABLE privileges on any
existent database, a symlink attack is possible.
Reported to vulnwatch.org by Stefano Di Paola on 11 Mar 2005
Version-Release number of selected component (if applicable):
Requires some luck to guess name that will be used for temp file,
but unfortunately that's fairly predictable.
Steps to Reproduce:
1. See vulnwatch report.
This is fixed in 4.1.10a, which we should upgrade to anyway as it
contains numerous other bug fixes.
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.