CVE-2005-0004

The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and other versions including 3.x, allows local users to overwrite arbitrary files or read temporary files via a symlink attack on temporary files.

CVSS v2.0 4.6 MEDIUM

4.6^/10

CVSS v2.0 : MEDIUM

Vector : AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 3.9 / Impact : 6.4

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000947	Third Party Advisory
http://lists.mysql.com/internals/20600	Third Party Advisory
http://marc.info/?l=bugtraq&m=110608297217224&w=2	Third Party Advisory
http://mysql.osuosl.org/doc/mysql/en/News-4.1.10.html	Broken Link
http://secunia.com/advisories/13867	Not Applicable
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101864-1	Broken Link
http://www.debian.org/security/2005/dsa-647	Patch Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2005:036	Broken Link
http://www.securityfocus.com/bid/12277	Patch Third Party Advisory VDB Entry Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/18922	Third Party Advisory VDB Entry

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:oracle:mysql::::::::
	cpe:2.3:a:oracle:mysql::::::::
	cpe:2.3:a:oracle:mysql::::::::

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2005-04-14 04:00

Updated : 2022-08-05 14:26

NVD link : CVE-2005-0004

Mitre link : CVE-2005-0004

CVE.ORG link : CVE-2005-0004

JSON object : View

Products Affected

debian

debian_linux

mariadb

mariadb

oracle

mysql

CWE

CWE-59

Improper Link Resolution Before File Access ('Link Following')

{"id": "CVE-2005-0004", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.6, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": true, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2005-04-14T04:00:00.000", "references": [{"url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000947", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://lists.mysql.com/internals/20600", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://marc.info/?l=bugtraq&m=110608297217224&w=2", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://mysql.osuosl.org/doc/mysql/en/News-4.1.10.html", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/13867", "tags": ["Not Applicable"], "source": "cve@mitre.org"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101864-1", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "http://www.debian.org/security/2005/dsa-647", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:036", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/12277", "tags": ["Patch", "Third Party Advisory", "VDB Entry", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18922", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-59"}]}], "descriptions": [{"lang": "en", "value": "The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and other versions including 3.x, allows local users to overwrite arbitrary files or read temporary files via a symlink attack on temporary files."}, {"lang": "es", "value": "El script mysqlaccess de MySQL 4.0.23 y anteriores, 4.1.x anteriores a 4.1.10, 5.0.x anteriores a 5.0.3, y otras versiones incluyendo 3.x permite a usuarios locales sobreescribir ficheros arbitrariamente o leer ficheros temporales mediante un enlace de enlaces simb\u00f3licos (symlink) en ficheros temporales."}], "lastModified": "2022-08-05T14:26:26.117", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "03DE5DAF-002F-4151-BDF1-72E7B9D3CA87", "versionEndExcluding": "4.0.23", "versionStartIncluding": "4.0.0"}, {"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DE3B3226-45DB-46F8-A92D-AA15F6652F4C", "versionEndExcluding": "4.1.10", "versionStartIncluding": "4.1.0"}, {"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0B01C1FA-A584-44D8-A7A6-996B3C991F8F", "versionEndExcluding": "5.0.3", "versionStartIncluding": "5.0.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "966DE621-0387-4AED-AC5F-67D87391AAA2", "versionEndExcluding": "5.5.66", "versionStartIncluding": "5.5.0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}