Bug 152767 - CAN-2004-0457 mysqlhotcopy insecure temporary file vulnerability
Summary: CAN-2004-0457 mysqlhotcopy insecure temporary file vulnerability
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora Legacy
Classification: Retired
Component: Package request
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Fedora Legacy Bugs
QA Contact:
URL: http://cve.mitre.org/cgi-bin/cvename....
Whiteboard: LEGACY, rh73, rh90
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2004-08-23 18:03 UTC by Marc Deslauriers
Modified: 2007-04-18 17:22 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2005-04-05 22:28:36 UTC
Embargoed:


Attachments (Terms of Use)

Description David Lawrence 2005-03-30 23:26:44 UTC
The mysqlhotcopy script in mysql 4.0.20 and earlier, when using the scp method
from the mysql-server package, allows local users to overwrite arbitrary files
via a symlink attack on temporary files.

http://www.debian.org/security/2004/dsa-540
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=130348
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=130347



------- Additional Comments From dom 2004-09-07 14:09:33 ----

See also bug 1832.



------- Additional Comments From marcdeslauriers 2004-09-10 10:18:23 ----

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Here are updated packages to QA for rh73 and rh9:

Changelog:
* Fri Sep 10 2004 Marc Deslauriers <marcdeslauriers>
3.23.58-1.73.2.legacy
- - Added mysqlhotcopy patch to fix CAN-2004-0457

7.3:
3c50c892ec2e74b14688e59e5cab59bf933fc63c  mysql-3.23.58-1.73.2.legacy.i386.rpm
eefa504de0a69f23ef02bb9ba0d8601f1cc62383  mysql-3.23.58-1.73.2.legacy.src.rpm
7771d51f74ca7be9855fbd0c0b9ab3e9e98b1c6c  mysql-devel-3.23.58-1.73.2.legacy.i386.rpm
ed0bd96169a17f6720fe154e543b9debcda87987 
mysql-server-3.23.58-1.73.2.legacy.i386.rpm

9:
57db3de3ad34158e000a9c1d6ac4a5ddead7ec2e  mysql-3.23.58-1.90.2.legacy.i386.rpm
199cf8e78a9ad7f08cfea9a335c703e267175202  mysql-3.23.58-1.90.2.legacy.src.rpm
27df78482183c40037f4706dd84ca0958b92e2f1  mysql-devel-3.23.58-1.90.2.legacy.i386.rpm
2d165a4e56f99e67d669da60556b9fb24e42072b 
mysql-server-3.23.58-1.90.2.legacy.i386.rpm

http://www.infostrategique.com/linuxrpms/legacy/7.3/mysql-3.23.58-1.73.2.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/7.3/mysql-3.23.58-1.73.2.legacy.src.rpm
http://www.infostrategique.com/linuxrpms/legacy/7.3/mysql-devel-3.23.58-1.73.2.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/7.3/mysql-server-3.23.58-1.73.2.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/9/mysql-3.23.58-1.90.2.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/9/mysql-3.23.58-1.90.2.legacy.src.rpm
http://www.infostrategique.com/linuxrpms/legacy/9/mysql-devel-3.23.58-1.90.2.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/9/mysql-server-3.23.58-1.90.2.legacy.i386.rpm

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFBQgvvLMAs/0C4zNoRAkBkAJsG75moYTwgMqyP2Vur2YFTC9f5gwCgoe2w
s9gvSIhsiUdpovU9eRKl9Ew=
=gT/T
-----END PGP SIGNATURE-----




------- Additional Comments From marcdeslauriers 2004-09-10 10:18:45 ----

This bug now obsoletes bug 1832



------- Additional Comments From mule 2004-09-10 18:19:03 ----

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
 
57db3de3ad34158e000a9c1d6ac4a5ddead7ec2e  mysql-3.23.58-1.90.2.legacy.i386.rpm
199cf8e78a9ad7f08cfea9a335c703e267175202  mysql-3.23.58-1.90.2.legacy.src.rpm
27df78482183c40037f4706dd84ca0958b92e2f1  mysql-devel-3.23.58-1.90.2.legacy.i386.rpm
2d165a4e56f99e67d669da60556b9fb24e42072b 
mysql-server-3.23.58-1.90.2.legacy.i386.rpm
 
For Red Hat 9:
* Spec file looks ok
* Checked patches for mysql-3.23.58-symlink.patch,
mysql-3.23.58-mysqlhotcopy.patch - look ok
* Builds from source
* Installs ok
* Runs ok
 
However, is the 3.23.58-1.90.2 versioning correct?
 
Otherwise, vote for PUBLISH
 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
 
iD8DBQFBQnw5TsaUa9pp4VIRAlpjAJ9NYs5zSarsKc4B8z1VJLYKemZXYwCdGObr
TQbNbEyyr95Ow9GrkLkfAcM=
=2caO
-----END PGP SIGNATURE-----




------- Additional Comments From marcdeslauriers 2005-02-21 16:47:01 ----

Packages in bug 2129 were pushed to updates-testing.



------- Bug moved to this database by dkl 2005-03-30 18:26 -------

This bug previously known as bug 2006 at https://bugzilla.fedora.us/
https://bugzilla.fedora.us/show_bug.cgi?id=2006
Originally filed under the Fedora Legacy product and Package request component.

Unknown priority P2. Setting to default priority "normal".
Unknown platform PC. Setting to default platform "All".
Setting qa contact to the default for this product.
   This bug either had no qa contact or an invalid one.



Comment 1 Marc Deslauriers 2005-04-05 22:28:36 UTC
Updated packages were released for this issue.


Note You need to log in before you can comment on or make changes to this bug.