Description

The mysqlhotcopy script in mysql 4.0.20 and earlier, when using the scp method from the mysql-server package, allows local users to overwrite arbitrary files via a symlink attack on temporary files.

Remediation

References

CVE-2004-0457

Related Vulnerabilities

WordPress Plugin AllWebMenus WordPress Menu 'abspath' Parameter Remote File Include (1.1.3)

WordPress Plugin Simple Image Manipulator Arbitrary File Download (1.0)

Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2017-7659)

WebLogic CVE-2018-11039 Vulnerability (CVE-2018-11039)

MySQL CVE-2020-2926 Vulnerability (CVE-2020-2926)

Severity

Medium

Classification

CVE-2004-0457

Tags

Missing Update Known Vulnerabilities