Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
mysql_install_db in MySQL 4.1.x before 4.1.12 and 5.x up to 5.0.4 creates the mysql_install_db.X file with a predictable filename and insecure permissions, which allows local users to execute arbitrary SQL commands by modifying the file's contents.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
MySQL mysql_install_db以不安全方式创建临时文件漏洞
Vulnerability Description
Oracle MySQL是美国甲骨文(Oracle)公司的一套开源的关系数据库管理系统。该数据库系统具有性能高、成本低、可靠性好等特点。 MySQL的安装脚本在创建临时文件时存在问题,本地攻击者可能利用此漏洞提升自己的权限。 MySQL中的漏洞可能允许本地用户非授权访问数据库或获得权限提升,起因是以不安全的方式创建临时文件。这个漏洞影响mysql_install_db脚本。
CVSS Information
N/A
Vulnerability Type
N/A