Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-9546

mysqlaccess script shows an old version (which was vulnerable to CVE-2005-0004)

    XMLWordPrintable

    Details

      Description

      CVE-2005-0004 was filed in 2005 against mysql for the mysqlaccess script. Scanners report:

      -The following file versions were found to be less than 2.07: <path>/bin/mysqlaccess

      • Certain versions of the 'mysqlaccess' program shipped with MySQL are vulnerable to a symlink attack because the temporary files used are easy to predict. As a result, a local attacker can overwrite any file which the calling process has write access to.

      Looking at the mysqlaccess shipped in MariaDB 10.1.11 (and earlier), we find:

      package MySQLaccess;
      #use strict;
      use File::Temp qw(tempfile tmpnam);
      use Fcntl;
       
      BEGIN {
          # ****************************
          # static information...
          $VERSION     = "2.06, 20 Dec 2000";
      

      So the question is – Is MariaDB actually vulnerable, or has it simply failed to update the version listed in mysqlaccess?

        Attachments

          Activity

            People

            Assignee:
            serg Sergei Golubchik
            Reporter:
            quanah Quanah Gibson-Mount
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: