Arbitrary File Overwrite Vulnerability in MySQL Temporary Tables

Arbitrary File Overwrite Vulnerability in MySQL Temporary Tables

CVE-2005-0711 · LOW Severity

AV:L/AC:L/AU:N/C:N/I:P/A:N

MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names when creating temporary tables, which allows local users with CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a symlink attack.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.