CVE-2005-0004 was filed in 2005 against mysql for the mysqlaccess script. Scanners report:
-The following file versions were found to be less than 2.07: <path>/bin/mysqlaccess
- Certain versions of the 'mysqlaccess' program shipped with MySQL are vulnerable to a symlink attack because the temporary files used are easy to predict. As a result, a local attacker can overwrite any file which the calling process has write access to.
Looking at the mysqlaccess shipped in MariaDB 10.1.11 (and earlier), we find:
package MySQLaccess;
|
#use strict;
|
use File::Temp qw(tempfile tmpnam);
|
use Fcntl;
|
|
BEGIN {
|
# ****************************
|
# static information...
|
$VERSION = "2.06, 20 Dec 2000";
|
So the question is – Is MariaDB actually vulnerable, or has it simply failed to update the version listed in mysqlaccess?
Bug
Major
