Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Gentoo: GLSA-200409-03 Normal: PostgreSQL Data Exposure Vulnerability

gentoo
Calendar Grey September 1, 2004
Dist Gentoo Esm H88
PostgreSQL's pg_dump may leave unprotected backup files, posing a data security threat. Ensure your setup is current to maintain integrity!
The mysqlhotcopy utility can create temporary files with predictable paths, allowing an attacker to use a symlink to trick MySQL into overwriting important data

Summary

Gentoo Linux Security Advisory GLSA 200409-02 https://security.gentoo.org/ Severity: Normal Title: MySQL: Insecure temporary file creation in mysqlhotcopy Date: September 01, 2004 Bugs: #60744 ID: 200409-02

Synopsis ======= The mysqlhotcopy utility can create temporary files with predictable paths, allowing an attacker to use a symlink to trick MySQL into overwriting important data.
Background ========= MySQL is a popular open-source multi-threaded, multi-user SQL database server.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-db/mysql <= 4.0.20 >= 4.0.20-r1
========== Jeroen van Wolffelaar discovered that the MySQL database hot copy utility (mysqlhotcopy.sh), when using the scp method...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory gentoo data protection mysql temporary file overwrite risk normal severity

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Topics%20covered

Topics Covered

security advisory gentoo data protection mysql temporary file overwrite risk normal severity

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Your message here