[security] Security Advisories
nakis a libero.it
Mar 20 Apr 2004 21:55:13 CEST
Shaun Colley discovered that two scripts distributed with MySQL, the
'mysqld_multi' and 'mysqlbug' scripts, did not create temporary files
in a secure fashion. An attacker could create symbolic links in /tmp
that could allow for overwriting of files with the privileges of the
user running the scripts.
The vulnerability described in this advisory affects implementations of
the Transmission Control Protocol (TCP) that comply with the Internet
Engineering Task Force.s (IETF.s) Requests For Comments (RFCs) for TCP,
including RFC 793, the original specification, and RFC 1323, TCP
Extensions for High Performance.
Ciao e alla prossima!
Maggiori informazioni sulla lista