FreeBSD Ports: mysql-scripts

Summary
The remote host is missing an update to the system as announced in the referenced advisory.
Solution
Update your system with the appropriate patches or software upgrades. http://www.debian.org/security/2004/dsa-540 http://lists.mysql.com/internals/15185 http://www.vuxml.org/freebsd/0c4d5973-f2ab-11d8-9837-000c41e2cdad.html
Insight
The following package is affected: mysql-scripts CVE-2004-0457 The mysqlhotcopy script in mysql 4.0.20 and earlier, when using the scp method from the mysql-server package, allows local users to overwrite arbitrary files via a symlink attack on temporary files.