Your submission was sent successfully! Close

USN-63-1: MySQL client vulnerability

19 January 2005

MySQL client vulnerability



Javier Fernández-Sanguino Peña noticed that the "mysqlaccess" program
created temporary files in an insecure manner. This could allow a
symbolic link attack to create or overwrite arbitrary files with the
privileges of the user invoking the program.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 4.10
  • mysql-client -

In general, a standard system update will make all the necessary changes.