Summary
You are running a version of MySQL which is older than version 4.0.21.
mysqlhotcopy is reported to contain an insecure temporary file creation vulnerability.
The result of this is that temporary files created by the application may use predictable filenames.
A local attacker may also possibly exploit this vulnerability to execute symbolic link file overwrite attacks.
*** Note : this vulnerability is local only
Solution
Upgrade to the latest version of MySQL 4.0.21 or newer
Severity
Classification
-
CVE CVE-2004-0457 -
CVSS Base Score: 4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Oracle MySQL Multiple Unspecified vulnerabilities - 02 May14 (Windows)
- Oracle MySQL Multiple Unspecified vulnerabilities-01 July14 (Windows)
- IBM DB2 Client Interfaces component Unspecified Vulnerabilities (Linux)
- Oracle MySQL Multiple Unspecified vulnerabilities-02 July14 (Windows)
- Oracle MySQL Multiple Unspecified vulnerabilities-02 Feb15 (Windows)