MySQL Aborted Bug Report Insecure Temporary File Creation Vulnerability
BID:9976
Info
MySQL Aborted Bug Report Insecure Temporary File Creation Vulnerability
| Bugtraq ID: | 9976 |
| Class: | Design Error |
| CVE: |
CVE-2004-0381 |
| Remote: | No |
| Local: | Yes |
| Published: | Mar 25 2004 12:00AM |
| Updated: | Aug 05 2010 07:46PM |
| Credit: | Discovery is credited to Shaun Colley. |
| Vulnerable: |
Redhat Fedora Core1 Redhat Enterprise Linux WS 3 Redhat Enterprise Linux ES 3 Redhat Enterprise Linux AS 3 Redhat Desktop 3.0 Redhat Advanced Workstation for the Itanium Processor 2.1 IA64 MySQL AB MySQL 4.0.18 MySQL AB MySQL 4.0.15 MySQL AB MySQL 4.0.14 MySQL AB MySQL 4.0.13 MySQL AB MySQL 4.0.12 MySQL AB MySQL 4.0.11 -gamma MySQL AB MySQL 4.0.11 MySQL AB MySQL 4.0.10 MySQL AB MySQL 4.0.9 -gamma MySQL AB MySQL 4.0.9 MySQL AB MySQL 4.0.8 -gamma MySQL AB MySQL 4.0.8 MySQL AB MySQL 4.0.7 -gamma MySQL AB MySQL 4.0.7 MySQL AB MySQL 4.0.6 MySQL AB MySQL 4.0.5 a MySQL AB MySQL 4.0.5 MySQL AB MySQL 4.0.4 MySQL AB MySQL 4.0.3 MySQL AB MySQL 4.0.2 MySQL AB MySQL 4.0.1 MySQL AB MySQL 4.0 .0 MySQL AB MySQL 3.23.58 MySQL AB MySQL 3.23.56 MySQL AB MySQL 3.23.55 MySQL AB MySQL 3.23.54 a MySQL AB MySQL 3.23.54 MySQL AB MySQL 3.23.53 a MySQL AB MySQL 3.23.53 MySQL AB MySQL 3.23.52 MySQL AB MySQL 3.23.51 MySQL AB MySQL 3.23.50 MySQL AB MySQL 3.23.49 MySQL AB MySQL 3.23.48 MySQL AB MySQL 3.23.47 MySQL AB MySQL 3.23.46 MySQL AB MySQL 3.23.45 MySQL AB MySQL 3.23.44 MySQL AB MySQL 3.23.43 MySQL AB MySQL 3.23.42 MySQL AB MySQL 3.23.41 MySQL AB MySQL 3.23.40 MySQL AB MySQL 3.23.39 MySQL AB MySQL 3.23.38 MySQL AB MySQL 3.23.37 MySQL AB MySQL 3.23.36 MySQL AB MySQL 3.23.34 MySQL AB MySQL 3.23.33 MySQL AB MySQL 3.23.31 MySQL AB MySQL 3.23.30 MySQL AB MySQL 3.23.29 MySQL AB MySQL 3.23.28 gamma MySQL AB MySQL 3.23.28 MySQL AB MySQL 3.23.27 MySQL AB MySQL 3.23.26 MySQL AB MySQL 3.23.25 MySQL AB MySQL 3.23.24 MySQL AB MySQL 3.23.23 MySQL AB MySQL 3.23.22 MySQL AB MySQL 3.23.10 MySQL AB MySQL 3.23.9 MySQL AB MySQL 3.23.8 MySQL AB MySQL 3.23.5 MySQL AB MySQL 3.23.4 MySQL AB MySQL 3.23.3 MySQL AB MySQL 3.23.2 MySQL AB MySQL 3.22.32 MySQL AB MySQL 3.22.30 MySQL AB MySQL 3.22.29 MySQL AB MySQL 3.22.28 MySQL AB MySQL 3.22.27 MySQL AB MySQL 3.22.26 MySQL AB MySQL 3.20.32 a MySQL AB MySQL 4.1.0.0-alpha MySQL AB MySQL 4.1.0-0 Miva htmlscript 3.23.32 Gentoo Linux 1.4 _rc3 Gentoo Linux 1.4 _rc2 Gentoo Linux 1.4 _rc1 Gentoo Linux 1.4 Gentoo Linux 1.2 Gentoo Linux 1.1 a Gentoo Linux 0.7 Gentoo Linux 0.5 |
| Not Vulnerable: | |
Discussion
MySQL Aborted Bug Report Insecure Temporary File Creation Vulnerability
The MySQL bug reporting utility (mysqlbug) creates a temporary file with a static name when a bug report is aborted. An attacker may exploit this issue to launch symbolic link attacks that will most likely result in corruption of files. This could cause destruction of data and denial of services.
This issue would only affect Unix/Linux-based operating systems.
The MySQL bug reporting utility (mysqlbug) creates a temporary file with a static name when a bug report is aborted. An attacker may exploit this issue to launch symbolic link attacks that will most likely result in corruption of files. This could cause destruction of data and denial of services.
This issue would only affect Unix/Linux-based operating systems.
Exploit / POC
MySQL Aborted Bug Report Insecure Temporary File Creation Vulnerability
There is no exploit required.
There is no exploit required.
Solution / Fix
MySQL Aborted Bug Report Insecure Temporary File Creation Vulnerability
Solution:
This issue has been addressed in the MySQL development source repository. Instructions on how to build MySQL from the source repository are available at the following location:
http://www.mysql.com/doc/en/Installing_source_tree.html
The fix will also reportedly be included in an upcoming release of MySQL.
Red Hat has released advisory RHSA-2004:569-16 and fixes to address this and other issues on Red Hat Linux Enterprise platforms. Customers who are affected by this issue are advised to apply the appropriate updates. Customers subscribed to the Red Hat Network may apply the appropriate fixes using the Red Hat Update Agent (up2date). Please see referenced advisory for additional information.
Gentoo has released an advisory (GLSA 200405-20) and an updated eBuild to address this issue. Gentoo advises that users upgrade to the latest version of MySQL by executing the following commands as a superuser:
emerge sync
emerge -pv ">=dev-db/mysql-4.0.18-r2"
emerge ">=dev-db/mysql-4.0.18-r2"
Mandrake has released an advisory (MDKSA-2004:034) and fixes to address this issue. Mandrake users are advised to apply these fixes as soon as possible. Further information regarding obtaining and applying fixes can be found in the referenced advisory.
Debian has released an advisory (DSA 483-1) and fixes to address this issue. Debian users are advised to apply these fixes as soon as possible. Further information regarding obtaining and applying fixes can be found in the referenced advisory.
OpenPKG has released advisory SA-2004.014 as well as fixes dealing with this and other issues.
RedHat Fedora has made an advisory available (FEDORA-2004-530) dealing with this and other issues. Please see the referenced advisory for more information.
TurboLinux has released Security Announcement 17/Feb/2005 dealing with this and other issues; please see the reference section for more information.
A Fedora Legacy advisory FLSA:2129 is available to address this issue in Red Hat Linux 7.3, Red Hat Linux 9, and Fedora Core 1 for the i386 architecture. Please see the referenced advisory for more information.
MySQL AB MySQL 3.23.49
MySQL AB MySQL 3.23.54 a
MySQL AB MySQL 3.23.56
MySQL AB MySQL 3.23.58
MySQL AB MySQL 4.0.11
MySQL AB MySQL 4.0.15
MySQL AB MySQL 4.0.18
Solution:
This issue has been addressed in the MySQL development source repository. Instructions on how to build MySQL from the source repository are available at the following location:
http://www.mysql.com/doc/en/Installing_source_tree.html
The fix will also reportedly be included in an upcoming release of MySQL.
Red Hat has released advisory RHSA-2004:569-16 and fixes to address this and other issues on Red Hat Linux Enterprise platforms. Customers who are affected by this issue are advised to apply the appropriate updates. Customers subscribed to the Red Hat Network may apply the appropriate fixes using the Red Hat Update Agent (up2date). Please see referenced advisory for additional information.
Gentoo has released an advisory (GLSA 200405-20) and an updated eBuild to address this issue. Gentoo advises that users upgrade to the latest version of MySQL by executing the following commands as a superuser:
emerge sync
emerge -pv ">=dev-db/mysql-4.0.18-r2"
emerge ">=dev-db/mysql-4.0.18-r2"
Mandrake has released an advisory (MDKSA-2004:034) and fixes to address this issue. Mandrake users are advised to apply these fixes as soon as possible. Further information regarding obtaining and applying fixes can be found in the referenced advisory.
Debian has released an advisory (DSA 483-1) and fixes to address this issue. Debian users are advised to apply these fixes as soon as possible. Further information regarding obtaining and applying fixes can be found in the referenced advisory.
OpenPKG has released advisory SA-2004.014 as well as fixes dealing with this and other issues.
RedHat Fedora has made an advisory available (FEDORA-2004-530) dealing with this and other issues. Please see the referenced advisory for more information.
TurboLinux has released Security Announcement 17/Feb/2005 dealing with this and other issues; please see the reference section for more information.
A Fedora Legacy advisory FLSA:2129 is available to address this issue in Red Hat Linux 7.3, Red Hat Linux 9, and Fedora Core 1 for the i386 architecture. Please see the referenced advisory for more information.
MySQL AB MySQL 3.23.49
-
Debian libmysqlclient10-dev_3.23.49-8.6_alpha.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10- dev_3.23.49-8.6_alpha.deb -
Debian libmysqlclient10-dev_3.23.49-8.6_arm.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10- dev_3.23.49-8.6_arm.deb -
Debian libmysqlclient10-dev_3.23.49-8.6_hppa.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10- dev_3.23.49-8.6_hppa.deb -
Debian libmysqlclient10-dev_3.23.49-8.6_i386.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10- dev_3.23.49-8.6_i386.deb -
Debian libmysqlclient10-dev_3.23.49-8.6_ia64.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10- dev_3.23.49-8.6_ia64.deb -
Debian libmysqlclient10-dev_3.23.49-8.6_m68k.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10- dev_3.23.49-8.6_m68k.deb -
Debian libmysqlclient10-dev_3.23.49-8.6_mips.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10- dev_3.23.49-8.6_mips.deb -
Debian libmysqlclient10-dev_3.23.49-8.6_mipsel.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10- dev_3.23.49-8.6_mipsel.deb -
Debian libmysqlclient10-dev_3.23.49-8.6_powerpc.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10- dev_3.23.49-8.6_powerpc.deb -
Debian libmysqlclient10-dev_3.23.49-8.6_s390.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10- dev_3.23.49-8.6_s390.deb -
Debian libmysqlclient10-dev_3.23.49-8.6_sparc.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10- dev_3.23.49-8.6_sparc.deb -
Debian libmysqlclient10_3.23.49-8.6_alpha.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10_ 3.23.49-8.6_alpha.deb -
Debian libmysqlclient10_3.23.49-8.6_arm.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10_ 3.23.49-8.6_arm.deb -
Debian libmysqlclient10_3.23.49-8.6_hppa.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10_ 3.23.49-8.6_hppa.deb -
Debian libmysqlclient10_3.23.49-8.6_i386.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10_ 3.23.49-8.6_i386.deb -
Debian libmysqlclient10_3.23.49-8.6_ia64.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10_ 3.23.49-8.6_ia64.deb -
Debian libmysqlclient10_3.23.49-8.6_m68k.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10_ 3.23.49-8.6_m68k.deb -
Debian libmysqlclient10_3.23.49-8.6_mips.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10_ 3.23.49-8.6_mips.deb -
Debian libmysqlclient10_3.23.49-8.6_mipsel.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10_ 3.23.49-8.6_mipsel.deb -
Debian libmysqlclient10_3.23.49-8.6_powerpc.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10_ 3.23.49-8.6_powerpc.deb -
Debian libmysqlclient10_3.23.49-8.6_s390.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10_ 3.23.49-8.6_s390.deb -
Debian libmysqlclient10_3.23.49-8.6_sparc.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10_ 3.23.49-8.6_sparc.deb -
Debian mysql-client_3.23.49-8.6_alpha.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.23 .49-8.6_alpha.deb -
Debian mysql-client_3.23.49-8.6_arm.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.23 .49-8.6_arm.deb -
Debian mysql-client_3.23.49-8.6_hppa.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.23 .49-8.6_hppa.deb -
Debian mysql-client_3.23.49-8.6_i386.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.23 .49-8.6_i386.deb -
Debian mysql-client_3.23.49-8.6_ia64.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.23 .49-8.6_ia64.deb -
Debian mysql-client_3.23.49-8.6_m68k.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.23 .49-8.6_m68k.deb -
Debian mysql-client_3.23.49-8.6_mips.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.23 .49-8.6_mips.deb -
Debian mysql-client_3.23.49-8.6_mipsel.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.23 .49-8.6_mipsel.deb -
Debian mysql-client_3.23.49-8.6_powerpc.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.23 .49-8.6_powerpc.deb -
Debian mysql-client_3.23.49-8.6_s390.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.23 .49-8.6_s390.deb -
Debian mysql-client_3.23.49-8.6_sparc.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.23 .49-8.6_sparc.deb -
Debian mysql-common_3.23.49-8.6_all.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mysql/mysql-common_3.23 .49-8.6_all.deb -
Debian mysql-server_3.23.49-8.6_alpha.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mysql/mysql-server_3.23 .49-8.6_alpha.deb -
Debian mysql-server_3.23.49-8.6_arm.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mysql/mysql-server_3.23 .49-8.6_arm.deb -
Debian mysql-server_3.23.49-8.6_hppa.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mysql/mysql-server_3.23 .49-8.6_hppa.deb -
Debian mysql-server_3.23.49-8.6_i386.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mysql/mysql-server_3.23 .49-8.6_i386.deb -
Debian mysql-server_3.23.49-8.6_ia64.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mysql/mysql-server_3.23 .49-8.6_ia64.deb -
Debian mysql-server_3.23.49-8.6_m68k.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mysql/mysql-server_3.23 .49-8.6_m68k.deb -
Debian mysql-server_3.23.49-8.6_mips.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mysql/mysql-server_3.23 .49-8.6_mips.deb -
Debian mysql-server_3.23.49-8.6_mipsel.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mysql/mysql-server_3.23 .49-8.6_mipsel.deb -
Debian mysql-server_3.23.49-8.6_powerpc.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mysql/mysql-server_3.23 .49-8.6_powerpc.deb -
Debian mysql-server_3.23.49-8.6_s390.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mysql/mysql-server_3.23 .49-8.6_s390.deb -
Debian mysql-server_3.23.49-8.6_sparc.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mysql/mysql-server_3.23 .49-8.6_sparc.deb -
RedHat mysql-3.23.58-1.73.5.legacy.i386.rpm
RedHat Linux 7.3
http://download.fedoralegacy.org/redhat/7.3/updates/i386/mysql-3.23.58 -1.73.5.legacy.i386.rpm -
RedHat mysql-devel-3.23.58-1.73.5.legacy.i386.rpm
RedHat Linux 7.3
http://download.fedoralegacy.org/redhat/7.3/updates/i386/mysql-devel-3 .23.58-1.73.5.legacy.i386.rpm -
RedHat mysql-server-3.23.58-1.73.5.legacy.i386.rpm
RedHat Linux 7.3
http://download.fedoralegacy.org/redhat/7.3/updates/i386/mysql-server- 3.23.58-1.73.5.legacy.i386.rpm
MySQL AB MySQL 3.23.54 a
-
RedHat mysql-3.23.58-1.90.5.legacy.i386.rpm
RedHat Linux 9
http://download.fedoralegacy.org/redhat/9/updates/i386/mysql-3.23.58-1 .90.5.legacy.i386.rpm -
RedHat mysql-devel-3.23.58-1.90.5.legacy.i386.rpm
RedHat Linux 9
http://download.fedoralegacy.org/redhat/9/updates/i386/mysql-devel-3.2 3.58-1.90.5.legacy.i386.rpm -
RedHat mysql-server-3.23.58-1.90.5.legacy.i386.rpm
RedHat Linux 9
http://download.fedoralegacy.org/redhat/9/updates/i386/mysql-server-3. 23.58-1.90.5.legacy.i386.rpm
MySQL AB MySQL 3.23.56
-
Mandrake libmysql10-3.23.56-1.5.C21mdk.i586.rpm
Mandrake Corporate Server 2.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libmysql10-3.23.56-1.5.C21mdk.x86_64.rpm
Mandrake Corporate Server 2.1/x86_64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libmysql10-devel-3.23.56-1.5.C21mdk.i586.rpm
Mandrake Corporate Server 2.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libmysql10-devel-3.23.56-1.5.C21mdk.x86_64.rpm
Mandrake Corporate Server 2.1/x86_64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake MySQL-3.23.56-1.5.C21mdk.i586.rpm
Mandrake Corporate Server 2.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake MySQL-3.23.56-1.5.C21mdk.x86_64.rpm
Mandrake Corporate Server 2.1/x86_64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake MySQL-bench-3.23.56-1.5.C21mdk.i586.rpm
Mandrake Corporate Server 2.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake MySQL-bench-3.23.56-1.5.C21mdk.x86_64.rpm
Mandrake Corporate Server 2.1/x86_64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake MySQL-client-3.23.56-1.5.C21mdk.i586.rpm
Mandrake Corporate Server 2.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake MySQL-client-3.23.56-1.5.C21mdk.x86_64.rpm
Mandrake Corporate Server 2.1/x86_64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake MySQL-Max-3.23.56-1.5.C21mdk.i586.rpm
Mandrake Corporate Server 2.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake MySQL-Max-3.23.56-1.5.C21mdk.x86_64.rpm
Mandrake Corporate Server 2.1/x86_64
http://www.mandrakesecure.net/en/ftp.php
MySQL AB MySQL 3.23.58
-
Fedora mysql-3.23.58-9.1.i386.rpm
RedHat Fedora Core 2
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ -
Fedora mysql-3.23.58-9.1.x86_64.rpm
RedHat Fedora Core 2
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ -
Fedora mysql-bench-3.23.58-9.1.i386.rpm
RedHat Fedora Core 2
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ -
Fedora mysql-bench-3.23.58-9.1.x86_64.rpm
RedHat Fedora Core 2
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ -
Fedora mysql-debuginfo-3.23.58-9.1.i386.rpm
RedHat Fedora Core 2
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ -
Fedora mysql-debuginfo-3.23.58-9.1.x86_64.rpm
RedHat Fedora Core 2
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ -
Fedora mysql-devel-3.23.58-9.1.i386.rpm
RedHat Fedora Core 2
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ -
Fedora mysql-devel-3.23.58-9.1.x86_64.rpm
RedHat Fedora Core 2
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ -
Fedora mysql-server-3.23.58-9.1.i386.rpm
RedHat Fedora Core 2
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ -
Fedora mysql-server-3.23.58-9.1.x86_64.rpm
RedHat Fedora Core 2
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ -
RedHat mysql-3.23.58-4.3.legacy.i386.rpm
RedHat Fedora Core 1
http://download.fedoralegacy.org/fedora/1/updates/i386/mysql-3.23.58-4 .3.legacy.i386.rpm -
RedHat mysql-bench-3.23.58-4.3.legacy.i386.rpm
RedHat Fedora Core 1
http://download.fedoralegacy.org/fedora/1/updates/i386/mysql-bench-3.2 3.58-4.3.legacy.i386.rpm -
RedHat mysql-devel-3.23.58-4.3.legacy.i386.rpm
RedHat Fedora Core 1
http://download.fedoralegacy.org/fedora/1/updates/i386/mysql-devel-3.2 3.58-4.3.legacy.i386.rpm -
RedHat mysql-server-3.23.58-4.3.legacy.i386.rpm
RedHat Fedora Core 1
http://download.fedoralegacy.org/fedora/1/updates/i386/mysql-server-3. 23.58-4.3.legacy.i386.rpm -
TurboLinux MySQL-3.23.58-7.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/u pdates/RPMS/MySQL-3.23.58-7.i586.rpm -
TurboLinux MySQL-3.23.58-7.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/upd ates/RPMS/MySQL-3.23.58-7.i586.rpm -
TurboLinux MySQL-3.23.58-7.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/upd ates/RPMS/MySQL-3.23.58-7.i586.rpm -
TurboLinux MySQL-3.23.58-7.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/ 7/updates/RPMS/MySQL-3.23.58-7.i586.rpm -
TurboLinux MySQL-3.23.58-7.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/ 8/updates/RPMS/MySQL-3.23.58-7.i586.rpm -
TurboLinux MySQL-bench-3.23.58-7.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/u pdates/RPMS/MySQL-bench-3.23.58-7.i586.rpm -
TurboLinux MySQL-bench-3.23.58-7.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/upd ates/RPMS/MySQL-bench-3.23.58-7.i586.rpm -
TurboLinux MySQL-bench-3.23.58-7.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/upd ates/RPMS/MySQL-bench-3.23.58-7.i586.rpm -
TurboLinux MySQL-bench-3.23.58-7.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/ 7/updates/RPMS/MySQL-bench-3.23.58-7.i586.rpm -
TurboLinux MySQL-bench-3.23.58-7.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/ 8/updates/RPMS/MySQL-bench-3.23.58-7.i586.rpm -
TurboLinux MySQL-client-3.23.58-7.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/u pdates/RPMS/MySQL-client-3.23.58-7.i586.rpm -
TurboLinux MySQL-client-3.23.58-7.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/upd ates/RPMS/MySQL-client-3.23.58-7.i586.rpm -
TurboLinux MySQL-client-3.23.58-7.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/upd ates/RPMS/MySQL-client-3.23.58-7.i586.rpm -
TurboLinux MySQL-client-3.23.58-7.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/ 7/updates/RPMS/MySQL-client-3.23.58-7.i586.rpm -
TurboLinux MySQL-client-3.23.58-7.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/ 8/updates/RPMS/MySQL-client-3.23.58-7.i586.rpm -
TurboLinux MySQL-devel-3.23.58-7.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/u pdates/RPMS/MySQL-devel-3.23.58-7.i586.rpm -
TurboLinux MySQL-devel-3.23.58-7.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/upd ates/RPMS/MySQL-devel-3.23.58-7.i586.rpm -
TurboLinux MySQL-devel-3.23.58-7.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/upd ates/RPMS/MySQL-devel-3.23.58-7.i586.rpm -
TurboLinux MySQL-devel-3.23.58-7.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/ 7/updates/RPMS/MySQL-devel-3.23.58-7.i586.rpm -
TurboLinux MySQL-devel-3.23.58-7.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/ 8/updates/RPMS/MySQL-devel-3.23.58-7.i586.rpm -
TurboLinux MySQL-shared-3.23.58-7.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/u pdates/RPMS/MySQL-shared-3.23.58-7.i586.rpm -
TurboLinux MySQL-shared-3.23.58-7.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/upd ates/RPMS/MySQL-shared-3.23.58-7.i586.rpm -
TurboLinux MySQL-shared-3.23.58-7.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/upd ates/RPMS/MySQL-shared-3.23.58-7.i586.rpm -
TurboLinux MySQL-shared-3.23.58-7.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/ 7/updates/RPMS/MySQL-shared-3.23.58-7.i586.rpm -
TurboLinux MySQL-shared-3.23.58-7.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/ 8/updates/RPMS/MySQL-shared-3.23.58-7.i586.rpm
MySQL AB MySQL 4.0.11
-
Mandrake libmysql12-4.0.11a-5.2.91mdk.i586.rpm
Mandrake Linux 9.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libmysql12-4.0.11a-5.2.91mdk.ppc.rpm
Mandrake Linux 9.1/PPC
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libmysql12-devel-4.0.11a-5.2.91mdk.i586.rpm
Mandrake Linux 9.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libmysql12-devel-4.0.11a-5.2.91mdk.ppc.rpm
Mandrake Linux 9.1/PPC
http://www.mandrakesecure.net/en/ftp.php -
Mandrake MySQL-4.0.11a-5.2.91mdk.i586.rpm
Mandrake Linux 9.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake MySQL-4.0.11a-5.2.91mdk.ppc.rpm
Mandrake Linux 9.1/PPC
http://www.mandrakesecure.net/en/ftp.php -
Mandrake MySQL-bench-4.0.11a-5.2.91mdk.i586.rpm
Mandrake Linux 9.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake MySQL-bench-4.0.11a-5.2.91mdk.ppc.rpm
Mandrake Linux 9.1/PPC
http://www.mandrakesecure.net/en/ftp.php -
Mandrake MySQL-client-4.0.11a-5.2.91mdk.i586.rpm
Mandrake Linux 9.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake MySQL-client-4.0.11a-5.2.91mdk.ppc.rpm
Mandrake Linux 9.1/PPC
http://www.mandrakesecure.net/en/ftp.php -
Mandrake MySQL-common-4.0.11a-5.2.91mdk.i586.rpm
Mandrake Linux 9.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake MySQL-common-4.0.11a-5.2.91mdk.ppc.rpm
Mandrake Linux 9.1/PPC
http://www.mandrakesecure.net/en/ftp.php -
Mandrake MySQL-Max-4.0.11a-5.2.91mdk.i586.rpm
Mandrake Linux 9.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake MySQL-Max-4.0.11a-5.2.91mdk.ppc.rpm
Mandrake Linux 9.1/PPC
http://www.mandrakesecure.net/en/ftp.php
MySQL AB MySQL 4.0.15
-
Mandrake libmysql12-4.0.15-1.1.92mdk.i586.rpm
Mandrake Linux 9.2
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libmysql12-devel-4.0.15-1.1.92mdk.i586.rpm
Mandrake Linux 9.2
http://www.mandrakesecure.net/en/ftp.php -
Mandrake MySQL-4.0.15-1.1.92mdk.amd64.rpm
Mandrake Linux 9.2/AMD64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake MySQL-4.0.15-1.1.92mdk.i586.rpm
Mandrake Linux 9.2
http://www.mandrakesecure.net/en/ftp.php -
Mandrake MySQL-bench-4.0.15-1.1.92mdk.amd64.rpm
Mandrake Linux 9.2/AMD64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake MySQL-bench-4.0.15-1.1.92mdk.i586.rpm
Mandrake Linux 9.2
http://www.mandrakesecure.net/en/ftp.php -
Mandrake MySQL-client-4.0.15-1.1.92mdk.amd64.rpm
Mandrake Linux 9.2/AMD64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake MySQL-client-4.0.15-1.1.92mdk.i586.rpm
Mandrake Linux 9.2
http://www.mandrakesecure.net/en/ftp.php -
Mandrake MySQL-common-4.0.15-1.1.92mdk.amd64.rpm
Mandrake Linux 9.2/AMD64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake MySQL-common-4.0.15-1.1.92mdk.i586.rpm
Mandrake Linux 9.2
http://www.mandrakesecure.net/en/ftp.php -
Mandrake MySQL-Max-4.0.15-1.1.92mdk.amd64.rpm
Mandrake Linux 9.2/AMD64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake MySQL-Max-4.0.15-1.1.92mdk.i586.rpm
Mandrake Linux 9.2
http://www.mandrakesecure.net/en/ftp.php -
OpenPKG mysql-4.0.18-2.0.1.src.rpm
ftp://ftp.openpkg.org/release/2.0/UPD/ mysql-4.0.18-2.0.1.src.rpm
MySQL AB MySQL 4.0.18
-
Mandrake libmysql12-4.0.18-1.1.100mdk.i586.rpm
Mandrakelinux 10.0
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libmysql12-devel-4.0.18-1.1.100mdk.i586.rpm
Mandrakelinux 10.0
http://www.mandrakesecure.net/en/ftp.php -
Mandrake MySQL-4.0.18-1.1.100mdk.i586.rpm
Mandrakelinux 10.0
http://www.mandrakesecure.net/en/ftp.php -
Mandrake MySQL-bench-4.0.18-1.1.100mdk.i586.rpm
Mandrakelinux 10.0
http://www.mandrakesecure.net/en/ftp.php -
Mandrake MySQL-client-4.0.18-1.1.100mdk.i586.rpm
Mandrakelinux 10.0
http://www.mandrakesecure.net/en/ftp.php -
Mandrake MySQL-common-4.0.18-1.1.100mdk.i586.rpm
Mandrakelinux 10.0
http://www.mandrakesecure.net/en/ftp.php -
Mandrake MySQL-Max-4.0.18-1.1.100mdk.i586.rpm
Mandrakelinux 10.0
http://www.mandrakesecure.net/en/ftp.php
References
MySQL Aborted Bug Report Insecure Temporary File Creation Vulnerability
References:
References:
- MySQL Homepage (Oracle)
- RHSA-2004:569-16 - Updated mysql packages fix minor security issues and bugs (Red Hat)
- mysqlbug tmpfile/symlink vulnerability. (=?iso-8859-1?q?Shaun=20Colley?=
)