CVE-2005-0799
https://notcve.org/view.php?id=CVE-2005-0799
MySQL 4.1.9, and possibly earlier versions, allows remote attackers with certain privileges to cause a denial of service (application crash) via a use command followed by an MS-DOS device name such as (1) LPT1 or (2) PRN. • http://bugs.mysql.com/bug.php?id=9148 http://marc.info/?l=bugtraq&m=111091250923281&w=2 http://secunia.com/advisories/14564 •
CVE-2005-0711 – MySQL 4.x - CREATE Temporary TABLE Symlink Privilege Escalation
https://notcve.org/view.php?id=CVE-2005-0711
MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names when creating temporary tables, which allows local users with CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a symlink attack. • https://www.exploit-db.com/exploits/25211 http://archives.neohapsis.com/archives/vulnwatch/2005-q1/0082.html http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html http://sunsolve.sun.com/search/document.do?assetkey=1-26-101864-1 http://www.debian.org/security/2005/dsa-707 http://www.gentoo.org/security/en/glsa/glsa-200503-19.xml http://www.mandriva.com/security/advisories?name=MDKSA •
CVE-2005-0710 – MySQL 4.x - CREATE FUNCTION mysql.func Table Arbitrary Library Injection
https://notcve.org/view.php?id=CVE-2005-0710
MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to bypass library path restrictions and execute arbitrary libraries by using INSERT INTO to modify the mysql.func table, which is processed by the udf_init function. • https://www.exploit-db.com/exploits/25210 http://archives.neohapsis.com/archives/vulnwatch/2005-q1/0083.html http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html http://marc.info/?l=bugtraq&m=111065974004648&w=2 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101864-1 http://www.debian.org/security/2005/dsa-707 http://www.gentoo.org/security/en/glsa/glsa-200503-19.xml •
CVE-2005-0709 – MySQL 4.x - CREATE FUNCTION Arbitrary libc Code Execution
https://notcve.org/view.php?id=CVE-2005-0709
MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to execute arbitrary code by using CREATE FUNCTION to access libc calls, as demonstrated by using strcat, on_exit, and exit. • https://www.exploit-db.com/exploits/25209 http://archives.neohapsis.com/archives/vulnwatch/2005-q1/0084.html http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html http://marc.info/?l=bugtraq&m=111066115808506&w=2 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101864-1 http://www.debian.org/security/2005/dsa-707 http://www.gentoo.org/security/en/glsa/glsa-200503-19.xml • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2005-0004
https://notcve.org/view.php?id=CVE-2005-0004
The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and other versions including 3.x, allows local users to overwrite arbitrary files or read temporary files via a symlink attack on temporary files. El script mysqlaccess de MySQL 4.0.23 y anteriores, 4.1.x anteriores a 4.1.10, 5.0.x anteriores a 5.0.3, y otras versiones incluyendo 3.x permite a usuarios locales sobreescribir ficheros arbitrariamente o leer ficheros temporales mediante un enlace de enlaces simbólicos (symlink) en ficheros temporales. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000947 http://lists.mysql.com/internals/20600 http://marc.info/?l=bugtraq&m=110608297217224&w=2 http://mysql.osuosl.org/doc/mysql/en/News-4.1.10.html http://secunia.com/advisories/13867 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101864-1 http://www.debian.org/security/2005/dsa-647 http://www.mandriva.com/security/advisories?name=MDKSA-2005:036 http://www.securityfocus.com/bid/12277 https: • CWE-59: Improper Link Resolution Before File Access ('Link Following') •