Package: mysql-server
Version: 4.0.23-7
Severity: critical
Tags: security

Several vulnerabilities were identified in MySQL, which may be exploited by local attackers to execute arbitrary commands or obtain elevated privileges.

- The first flaw is due to an insecure (predictable name) temporary file creation with "CREATE TEMPORARY TABLE", which may be exploited by an attacker that has "CREATE TEMPORARY TABLE" privileges to conduct symlink attacks.

- The second vulnerability is due to an arbitrary library injection error and resides in the "udf_init()" function (sql_udf.cc), which may be exploited by an attacker (with INSERT and DELETE privileges) to load/execute a malicious library with MySQL privileges.

- The third flaw occurs when handling specially crafted "CREATE FUNCTION" commands, which may be exploited by a malicious user (with INSERT and DELETE privileges) to execute arbitrary code with MySQL privileges.

For the complete Advisory see:
http://www.k-otik.com/english/advisories/2005/0252

-- 
Ruben Puettmann
[EMAIL PROTECTED]
http://www.puettmann.net
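
Added example, not part of the original report and not MySQL code: a generic C illustration of the bug class behind the first flaw, showing that a file opened at a predictable name follows a symlink already present there, while creation with O_CREAT|O_EXCL is refused. The function names, file names and the mkdtemp() scratch directory are constructed for the demonstration.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Weak: no O_EXCL, so a symlink already present at the predictable path is
   followed and the file it points to is truncated. */
static int open_predictable(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
}

/* Hardened: O_CREAT|O_EXCL fails with EEXIST if anything, even a symlink,
   already exists at the path; O_NOFOLLOW is defence in depth. */
static int open_exclusive(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

/* Constructed demo: returns errno of the hardened open (-1 on setup failure);
   *clobbered is 1 if the weak open emptied the file behind the symlink. */
int symlink_demo(int *clobbered) {
    char dir[] = "/tmp/tmpdemoXXXXXX", target[64], lnk[64];
    struct stat st;
    int fd, err;
    if (!mkdtemp(dir)) return -1;                     /* private scratch dir */
    snprintf(target, sizeof target, "%s/target", dir);
    snprintf(lnk, sizeof lnk, "%s/tmp_table", dir);   /* predictable name */
    fd = open(target, O_WRONLY | O_CREAT, 0600);
    if (fd < 0 || write(fd, "data", 4) != 4) return -1;
    close(fd);
    if (symlink(target, lnk) != 0) return -1;         /* link exists first */
    fd = open_exclusive(lnk);                         /* expected: refused */
    err = (fd < 0) ? errno : 0;
    if (fd >= 0) close(fd);
    fd = open_predictable(lnk);                       /* follows the link */
    if (fd >= 0) close(fd);
    *clobbered = (stat(target, &st) == 0 && st.st_size == 0);
    unlink(lnk); unlink(target); rmdir(dir);
    return err;
}

int main(void) {
    int c = 0, e = symlink_demo(&c);
    printf("exclusive open errno=%d (EEXIST=%d), weak open clobbered=%d\n", e, EEXIST, c);
    return 0;
}
```

In application code, mkstemp() combines an unpredictable name with the same exclusive-create semantics.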