Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-9546

mysqlaccess script shows an old version (which was vulnerable to CVE-2005-0004)

    Details

      Description

      CVE-2005-0004 was filed in 2005 against mysql for the mysqlaccess script. Scanners report:

      -The following file versions were found to be less than 2.07: <path>/bin/mysqlaccess

      • Certain versions of the 'mysqlaccess' program shipped with MySQL are vulnerable to a symlink attack because the temporary files used are easy to predict. As a result, a local attacker can overwrite any file which the calling process has write access to.

      Looking at the mysqlaccess shipped in MariaDB 10.1.11 (and earlier), we find:

      package MySQLaccess;
      #use strict;
      use File::Temp qw(tempfile tmpnam);
      use Fcntl;
       
      BEGIN {
          # ****************************
          # static information...
          $VERSION     = "2.06, 20 Dec 2000";
      

      So the question is – Is MariaDB actually vulnerable, or has it simply failed to update the version listed in mysqlaccess?

        Attachments

          Activity

            People

            • Assignee:
              serg Sergei Golubchik
              Reporter:
              quanah Quanah Gibson-Mount
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: