Description

The mysqlhotcopy script in mysql 4.0.20 and earlier, when using the scp method from the mysql-server package, allows local users to overwrite arbitrary files via a symlink attack on temporary files.

Remediation

References

CVE-2004-0457

Related Vulnerabilities

Joomla Improper Access Control Vulnerability (CVE-2016-9838)

WordPress Plugin WooCommerce Address Book Cross-Site Request Forgery (1.5.6)

e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-6433)

WordPress Plugin bbPress Members Only Cross-Site Request Forgery (1.2.1)

WordPress 4.2.x Denial of Service Vulnerability (4.2 - 4.2.19)

Severity

Medium

Classification

CVE-2004-0457

Tags

Missing Update Known Vulnerabilities