MySQL MyISAM Insecure Temporary File Creation Vulnerability
BID:69732
Info
MySQL MyISAM Insecure Temporary File Creation Vulnerability
| Bugtraq ID: | 69732 |
| Class: | Design Error |
| CVE: |
CVE-2014-4274 |
| Remote: | No |
| Local: | Yes |
| Published: | Aug 04 2014 12:00AM |
| Updated: | Apr 16 2015 05:45PM |
| Credit: | The vendor reported this issue. |
| Vulnerable: |
Ubuntu Ubuntu Linux 12.04 LTS i386 Ubuntu Ubuntu Linux 12.04 LTS amd64 RedHat Enterprise Linux Desktop Workstation 5 client Red Hat Enterprise Linux Desktop 5 client Red Hat Enterprise Linux 5 Server Oracle Enterprise Linux 5 Debian Linux 6.0 sparc Debian Linux 6.0 s/390 Debian Linux 6.0 powerpc Debian Linux 6.0 mips Debian Linux 6.0 ia-64 Debian Linux 6.0 ia-32 Debian Linux 6.0 arm Debian Linux 6.0 amd64 CentOS CentOS 5 |
| Not Vulnerable: | |
Discussion
MySQL MyISAM Insecure Temporary File Creation Vulnerability
MySQL MyISAM is prone to an insecure temporary file-creation vulnerability.
An attacker can exploit this vulnerability to execute arbitrary code in the context of the MySQL server. Other attacks may also be possible.
MySQL MyISAM is prone to an insecure temporary file-creation vulnerability.
An attacker can exploit this vulnerability to execute arbitrary code in the context of the MySQL server. Other attacks may also be possible.
Exploit / POC
MySQL MyISAM Insecure Temporary File Creation Vulnerability
An attacker can use readily available tools to exploit this issue.
An attacker can use readily available tools to exploit this issue.
Solution / Fix
MySQL MyISAM Insecure Temporary File Creation Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.