Description

The mysqlhotcopy script in mysql 4.0.20 and earlier, when using the scp method from the mysql-server package, allows local users to overwrite arbitrary files via a symlink attack on temporary files.

Remediation

References

CVE-2004-0457

Related Vulnerabilities

Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-10403)

WordPress Plugin Job Manager Cross-Site Scripting (0.7.22)

Drupal Core 9.0.x Multiple Security Bypass Vulnerabilities (9.0.0 - 9.0.14)

Seo Panel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29008)

Java Denial of Service (DoS) Vulnerability (CVE-2018-11212)

Severity

Medium

Classification

CVE-2004-0457

Tags

Missing Update Known Vulnerabilities