FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-12-11 14:10:47 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
ce109fd4-67f3-11d9-a9e7-0001020eed82	mysql-scripts -- mysqlaccess insecure temporary file creation The Debian Security Team reports: Javier FernÃ¡ndez-Sanguino PeÃ±a from the Debian Security Audit Project discovered a temporary file vulnerability in the mysqlaccess script of MySQL that could allow an unprivileged user to let root overwrite arbitrary files via a symlink attack and could also could unveil the contents of a temporary file which might contain sensitive information. Discovery 2005-01-12 Entry 2005-01-16 Modified 2005-01-17 mysql-scripts < 3.23.58_2 > 4.* lt 4.0.23a_1 > 4.1.* lt 4.1.9_1 > 5.* lt 5.0.2_1 CVE-2005-0004 http://lists.mysql.com/internals/20600
0c4d5973-f2ab-11d8-9837-000c41e2cdad	mysql -- mysqlhotcopy insecure temporary file creation According to Christian Hammers: [mysqlhotcopy created] temporary files in /tmp which had predictable filenames and such could be used for a tempfile run attack. Jeroen van Wolffelaar is credited with discovering the issue. Discovery 2004-08-18 Entry 2004-08-22 mysql-scripts <= 3.23.58 > 4 le 4.0.20 > 4.1 le 4.1.3 > 5 le 5.0.0_1 CVE-2004-0457 http://www.debian.org/security/2004/dsa-540 http://lists.mysql.com/internals/15185

VuXML ID

Description

ce109fd4-67f3-11d9-a9e7-0001020eed82

mysql-scripts -- mysqlaccess insecure temporary file creation

The Debian Security Team reports:

Javier FernÃ¡ndez-Sanguino PeÃ±a from the Debian Security Audit Project discovered a temporary file vulnerability in the mysqlaccess script of MySQL that could allow an unprivileged user to let root overwrite arbitrary files via a symlink attack and could also could unveil the contents of a temporary file which might contain sensitive information.

Discovery 2005-01-12
Entry 2005-01-16
Modified 2005-01-17
mysql-scripts

< 3.23.58_2

> 4.* lt 4.0.23a_1

> 4.1.* lt 4.1.9_1

> 5.* lt 5.0.2_1

CVE-2005-0004
http://lists.mysql.com/internals/20600

0c4d5973-f2ab-11d8-9837-000c41e2cdad

mysql -- mysqlhotcopy insecure temporary file creation

According to Christian Hammers:

[mysqlhotcopy created] temporary files in /tmp which had predictable filenames and such could be used for a tempfile run attack.

Jeroen van Wolffelaar is credited with discovering the issue.

Discovery 2004-08-18
Entry 2004-08-22
mysql-scripts

<= 3.23.58

> 4 le 4.0.20

> 4.1 le 4.1.3

> 5 le 5.0.0_1

CVE-2004-0457
http://www.debian.org/security/2004/dsa-540
http://lists.mysql.com/internals/15185