164647 – CAN-2005-1636 mysql insecure temporary file creation

Bug 164647 - CAN-2005-1636 mysql insecure temporary file creation

Summary: CAN-2005-1636 mysql insecure temporary file creation

Keywords:
Status:	CLOSED NOTABUG
Alias:	None
Product:	Red Hat Enterprise Linux 3
Classification:	Red Hat
Component:	mysql
Sub Component:
Version:	3.0
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	low
Target Milestone:	---
Assignee:	Tom Lane
QA Contact:	David Lawrence
Docs Contact:
URL:
Whiteboard:	impact=low,public=20050517,reported=2...
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2005-07-29 16:50 UTC by Josh Bressers
Modified:	2013-07-03 03:06 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2005-07-29 16:53:48 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Description Josh Bressers 2005-07-29 16:50:40 UTC

+++ This bug was initially created as a clone of Bug #158688 +++

mysql_install_db in MySQL 4.x before 4.0.12 and 5.x up to 5.0.4 creates the
mysql_install_db.X file with a predictable filename and insecure permissions,
which allows local users to execute arbitrary SQL commands by modifying the
file's contents.

More information is in the full-disclosure post:
http://marc.theaimsgroup.com/?l=full-disclosure&m=111632686805498&w=2

Comment 1 Josh Bressers 2005-07-29 16:51:07 UTC

This issue also affects RHEL2.1

Comment 2 Josh Bressers 2005-07-29 16:53:48 UTC

My mistake, this issue does not affect RHEL3 or RHEL2.1

Note You need to log in before you can comment on or make changes to this bug.