CVE-2005-0004 - Unbending Shotlines

Description

The mysqlaccess script in MySQL 4.0.23 and earlier 4.1.x before 4.1.10 5.0.x before 5.0.3 and other versions including 3.x allows local users to overwrite arbitrary files or read temporary files via a symlink attack on temporary files.

Reference

http://www.debian.org/security/2005/dsa-647 http://secunia.com/advisories/13867 http://www.securityfocus.com/bid/12277 http://lists.mysql.com/internals/20600 http://mysql.osuosl.org/doc/mysql/en/News-4.1.10.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000947 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101864-1 http://www.mandriva.com/security/advisories?name=MDKSA-2005:036 http://marc.info/?l=bugtraq&m=110608297217224&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/18922