MySQL insecure temporary file creation vulnerability _ MySQL

Source: Internet
Author: User
Affected system: MySQLABMySQL4.1.0-latest. Affected systems:
  
MySQL AB MySQL 4.1.0-alpha
MySQL AB MySQL 4.1.0
MySQL AB MySQL 4.0.9
MySQL AB MySQL 4.0.8
MySQL AB MySQL 4.0.7
MySQL AB MySQL 4.0.6
MySQL AB MySQL 4.0.5a
MySQL AB MySQL 4.0.5
MySQL AB MySQL 4.0.4
MySQL AB MySQL 4.0.3
MySQL AB MySQL 4.0.2
MySQL AB MySQL 4.0.15
MySQL AB MySQL 4.0.14
MySQL AB MySQL 4.0.13
MySQL AB MySQL 4.0.12
MySQL AB MySQL 4.0.11
MySQL AB MySQL 4.0.10
MySQL AB MySQL 4.0.1
MySQL AB MySQL 4.0.0
MySQL AB MySQL 3.23.9
MySQL AB MySQL 3.23.8
MySQL AB MySQL 3.23.57
MySQL AB MySQL 3.23.56
MySQL AB MySQL 3.23.55
MySQL AB MySQL 3.23.54
MySQL AB MySQL 3.23.53a
MySQL AB MySQL 3.23.53
MySQL AB MySQL 3.23.52
MySQL AB MySQL 3.23.51
MySQL AB MySQL 3.23.50
MySQL AB MySQL 3.23.5
MySQL AB MySQL 3.23.48
MySQL AB MySQL 3.23.47
MySQL AB MySQL 3.23.46
MySQL AB MySQL 3.23.45
MySQL AB MySQL 3.23.44
MySQL AB MySQL 3.23.43
MySQL AB MySQL 3.23.42
MySQL AB MySQL 3.23.41
MySQL AB MySQL 3.23.40
MySQL AB MySQL 3.23.4
MySQL AB MySQL 3.23.39
MySQL AB MySQL 3.23.38
MySQL AB MySQL 3.23.37
MySQL AB MySQL 3.23.36
MySQL AB MySQL 3.23.34
MySQL AB MySQL 3.23.31
MySQL AB MySQL 3.23.30
MySQL AB MySQL 3.23.3
MySQL AB MySQL 3.23.29
MySQL AB MySQL 3.23.28 gamma
MySQL AB MySQL 3.23.28
MySQL AB MySQL 3.23.27
MySQL AB MySQL 3.23.26
MySQL AB MySQL 3.23.25
MySQL AB MySQL 3.23.24
MySQL AB MySQL 3.23.23
MySQL AB MySQL 3.23.2
MySQL AB MySQL 3.23.10
MySQL AB MySQL 3.22.32
MySQL AB MySQL 3.22.30
MySQL AB MySQL 3.22.29
MySQL AB MySQL 3.22.28
MySQL AB MySQL 3.22.27
MySQL AB MySQL 3.22.26
MySQL AB MySQL 3.20.32a
MySQL AB MySQL 3.23.49
-Debian Linux 3.0:
-Mandrake Linux 9.0
-Mandrake Linux 8.2
-Mandrake Linux 8.1
-RedHat: Linux 7.3
-RedHat: Linux 7.2
-SuSE Linux 8.2
-SuSE Linux 8.1
  
   Detailed description:
  
MySQL is an open-source relational database system. MySQL error reporting tool (mysqlbug) does not securely create temporary files. local Attackers can exploit this vulnerability to corrupt arbitrary system file content, resulting in DoS attacks.
  
Mysqlbug is an error report Script. when running, a text editor is started and users are prompted to use the template to write their error reports. If you exit the text editor without modifying the vulnerability report, mysqlbug will execute the following code:
  
--
If cmp-s $ TEMP. x
Then
Echo "File not changed, no bug report submitted ."
Cp $ TEMP/tmp/failed-mysql-bugreport
Echo "The raw bug report exists in
/Tmp/failed-mysql-bugreport"
Echo "If you use this remember that the first lines
Of the report now
Is a lie
.."
Exit 1
Fi
--
  
A temporary file is created with a static file name. Therefore, attackers can establish symbolic connections. when other users call wrong debugging, the target file to be connected may be damaged, local Attackers can exploit this vulnerability to launch DoS attacks on the local system.
  
   Patch download:
  
Http://www.mysql.com/doc/en/Installing_source_tree.html

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.