Описание
Race condition in the post-installation script (mysql-server-5.5.postinst) for MySQL Server 5.5 for Debian GNU/Linux and Ubuntu Linux creates a configuration file with world-readable permissions before restricting the permissions, which allows local users to read the file and obtain sensitive information such as credentials.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 5.5.32-0ubuntu1 |
| lucid | DNE | |
| precise | released | 5.5.32-0ubuntu0.12.04.1 |
| quantal | released | 5.5.32-0ubuntu0.12.10.1 |
| raring | released | 5.5.32-0ubuntu0.13.04.1 |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| lucid | ignored | |
| precise | DNE | |
| quantal | DNE | |
| raring | DNE | |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| lucid | released | 5.1.70-0ubuntu0.10.04.1 |
| precise | DNE | |
| quantal | DNE | |
| raring | DNE | |
| upstream | needs-triage |
Показывать по
EPSS
1.9 Low
CVSS2
Связанные уязвимости
Race condition in the post-installation script (mysql-server-5.5.postinst) for MySQL Server 5.5 for Debian GNU/Linux and Ubuntu Linux creates a configuration file with world-readable permissions before restricting the permissions, which allows local users to read the file and obtain sensitive information such as credentials.
Race condition in the post-installation script (mysql-server-5.5.posti ...
Race condition in the post-installation script (mysql-server-5.5.postinst) for MySQL Server 5.5 for Debian GNU/Linux and Ubuntu Linux creates a configuration file with world-readable permissions before restricting the permissions, which allows local users to read the file and obtain sensitive information such as credentials.
EPSS
1.9 Low
CVSS2