MySQL contains a flaw that may allow a malicious user to arbitrary overwrite files. The problem is that the "mysqlbug" script creates files with insecure permissions. It is possible that the flaw may allow a malicious user to create a symlink to this file, which could allow arbitrary files to be overwriten on the system, resulting in a loss of integrity.

Upgrade to version 4.0.20 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

• Security Tracker: 1009554
• Secunia Advisory ID: 11223 13407
• ISS X-Force ID: 15617
• CVE ID: 2004-0381 (see also: NVD)
• Related OSVDB ID: 6421
• Bugtraq ID: 9976
• Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-03/0245.html
• Vendor Specific Advisory URL: http://bugs.mysql.com/bug.php?id=3284
  http://rhn.redhat.com/errata/RHSA-2004-597.html
  http://www.debian.org/security/2004/dsa-483
  http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:034
• Other Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200405-20.xml
• Vendor URL: http://www.mysql.com/
• Vendor Specific Solution URL: http://www.mysql.com/doc/en/Installing_source_tree.html

• Shaun Colley - shaunigeyahoo.co.uk -