Details
-
Bug
-
Status: Closed (View Workflow)
-
Major
-
Resolution: Fixed
-
10.1.11
-
None
-
Linux
Description
CVE-2005-0004 was filed in 2005 against mysql for the mysqlaccess script. Scanners report:
-The following file versions were found to be less than 2.07: <path>/bin/mysqlaccess
- Certain versions of the 'mysqlaccess' program shipped with MySQL are vulnerable to a symlink attack because the temporary files used are easy to predict. As a result, a local attacker can overwrite any file which the calling process has write access to.
Looking at the mysqlaccess shipped in MariaDB 10.1.11 (and earlier), we find:
package MySQLaccess; |
#use strict;
|
use File::Temp qw(tempfile tmpnam); |
use Fcntl; |
|
BEGIN {
|
# **************************** |
# static information... |
$VERSION = "2.06, 20 Dec 2000"; |
So the question is – Is MariaDB actually vulnerable, or has it simply failed to update the version listed in mysqlaccess?