Description

The mysqlhotcopy script in mysql 4.0.20 and earlier, when using the scp method from the mysql-server package, allows local users to overwrite arbitrary files via a symlink attack on temporary files.

Remediation

References

CVE-2004-0457

Related Vulnerabilities

Oracle Database Server CVE-2014-6560 Vulnerability (CVE-2014-6560)

WordPress 4.6.x Multiple Vulnerabilities (4.6 - 4.6.24)

WordPress Plugin Sell Downloads Arbitrary File Disclosure (1.0.17)

WordPress Plugin Galleries by Angie Makes Cross-Site Scripting (1.67)

WordPress Plugin WordPress Easy Custom Js And Css Cross-Site Scripting (1.1.2)

Severity

Medium

Classification

CVE-2004-0457

Tags

Missing Update Known Vulnerabilities