[security] Security Advisories

Lorenzo Iannuzzi nakis a libero.it
Mar 20 Apr 2004 21:55:13 CEST


 Shaun Colley discovered that two scripts distributed with MySQL, the
 'mysqld_multi' and 'mysqlbug' scripts, did not create temporary files
 in a secure fashion.  An attacker could create symbolic links in /tmp
 that could allow for overwriting of files with the privileges of the
 user running the scripts.


The vulnerability described in this advisory affects implementations of
the Transmission Control Protocol (TCP) that comply with the Internet
Engineering Task Force.s (IETF.s) Requests For Comments (RFCs) for TCP,
including RFC 793, the original specification, and RFC 1323, TCP
Extensions for High Performance.

Ciao e alla prossima!

Maggiori informazioni sulla lista security