CVE-2005-0711
published 2005-05-02CVE-2005-0711: MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names when creating temporary tables, which allows local users with CREATE TEMPORARY…
PriorityP417low2.1CVSS 2.0
AVLACLAuNCNIPAN
EXPLOIT
EPSS
1.70%
74.4th percentile
MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names when creating temporary tables, which allows local users with CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a symlink attack.
Affected
30 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mysql | mysql | — | — |
| mysql | mysql | — | — |
| mysql | mysql | — | — |
| oracle | mysql | — | — |
| oracle | mysql | — | — |
| oracle | mysql | — | — |
| oracle | mysql | — | — |
| oracle | mysql | — | — |
| oracle | mysql | — | — |
| oracle | mysql | — | — |
| oracle | mysql | — | — |
| oracle | mysql | — | — |
| oracle | mysql | — | — |
| oracle | mysql | — | — |
| oracle | mysql | — | — |
| oracle | mysql | — | — |
| oracle | mysql | — | — |
| oracle | mysql | — | — |
| oracle | mysql | — | — |
| oracle | mysql | — | — |
| oracle | mysql | — | — |
| oracle | mysql | — | — |
| oracle | mysql | — | — |
| oracle | mysql | — | — |
| oracle | mysql | — | — |
CVSS provenance
nvdv2.02.1LOWAV:L/AC:L/Au:N/C:N/I:P/A:N
vendor_redhat2.1LOW
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
mySQL vulnerabilities
vendor_ubuntu·2005-03-16
CVE-2005-0711 mySQL vulnerabilities
Title: mySQL vulnerabilities
Summary: mySQL vulnerabilities
Stefano Di Paola discovered three privilege escalation flaws in the MySQL
server:
- If an authenticated user had INSERT privileges on the 'mysql' administrative
database, the CREATE FUNCTION command allowed that user to use libc functions
to execute arbitrary code with the privileges of the database server (user
'mysql'). (CAN-2005-0709)
- If an authenticated user had INSERT privileges on the 'mysql' administrative
database, it was possible to load a library located in an arbitrary directory
by using INSERT INTO mysql.func instead of CREATE FUNCTION. This allowed the
user to execute arbitrary code with the privileges of the database server (user
'mysql'). (CAN-2005-0710)
- Temporary files belonging to tables created with CREA
Red Hat
security flaw
vendor_redhat·2005-03-11·CVSS 2.1
CVE-2005-0711 [LOW] security flaw
security flaw
MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names when creating temporary tables, which allows local users with CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a symlink attack.
GHSA
GHSA-pxgm-cjcm-fmcg: MySQL 4
ghsa_unreviewed·2022-05-01
CVE-2005-0711 [LOW] GHSA-pxgm-cjcm-fmcg: MySQL 4
MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names when creating temporary tables, which allows local users with CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a symlink attack.
No detection rules found.
http://archives.neohapsis.com/archives/vulnwatch/2005-q1/0082.htmlhttp://lists.apple.com/archives/security-announce/2005//Aug/msg00001.htmlhttp://lists.apple.com/archives/security-announce/2005/Aug/msg00000.htmlhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-101864-1http://www.debian.org/security/2005/dsa-707http://www.gentoo.org/security/en/glsa/glsa-200503-19.xmlhttp://www.mandriva.com/security/advisories?name=MDKSA-2005:060http://www.novell.com/linux/security/advisories/2005_19_mysql.htmlhttp://www.redhat.com/support/errata/RHSA-2005-334.htmlhttp://www.redhat.com/support/errata/RHSA-2005-348.htmlhttp://www.securityfocus.com/bid/12781http://www.trustix.org/errata/2005/0009/https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9591https://usn.ubuntu.com/96-1/http://archives.neohapsis.com/archives/vulnwatch/2005-q1/0082.htmlhttp://lists.apple.com/archives/security-announce/2005//Aug/msg00001.htmlhttp://lists.apple.com/archives/security-announce/2005/Aug/msg00000.htmlhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-101864-1http://www.debian.org/security/2005/dsa-707http://www.gentoo.org/security/en/glsa/glsa-200503-19.xmlhttp://www.mandriva.com/security/advisories?name=MDKSA-2005:060http://www.novell.com/linux/security/advisories/2005_19_mysql.htmlhttp://www.redhat.com/support/errata/RHSA-2005-334.htmlhttp://www.redhat.com/support/errata/RHSA-2005-348.htmlhttp://www.securityfocus.com/bid/12781http://www.trustix.org/errata/2005/0009/https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9591https://usn.ubuntu.com/96-1/
2005-05-02
Published