Summary
The remote host is missing an update to the system as announced in the referenced advisory.
Solution
Update your system with the appropriate patches or software upgrades.
http://www.debian.org/security/2004/dsa-540
http://lists.mysql.com/internals/15185
http://www.vuxml.org/freebsd/0c4d5973-f2ab-11d8-9837-000c41e2cdad.html
Insight
The following package is affected: mysql-scripts
CVE-2004-0457
The mysqlhotcopy script in mysql 4.0.20 and earlier, when using the scp method from the mysql-server package, allows local users to overwrite arbitrary files via a symlink attack on temporary files.
Severity
Classification
-
CVE CVE-2004-0457 -
CVSS Base Score: 4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities