Vulnerability Name:

CVE-2005-1636 (CCN-20656)

Assigned:2005-05-17
Published:2005-05-17
Updated:2019-12-17
Summary:mysql_install_db in MySQL 4.1.x before 4.1.12 and 5.x up to 5.0.4 creates the mysql_install_db.X file with a predictable filename and insecure permissions, which allows local users to execute arbitrary SQL commands by modifying the file's contents.
CVSS v3 Severity:4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:4.6 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
2.6 Low (CCN CVSS v2 Vector: AV:L/AC:H/Au:N/C:N/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): High
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:File Manipulation
References:Source: CCN
Type: Full-Disclosure Mailing List, Fri May 13 2005 - 04:57:32 CDT
MySQL < 4.0.12 && MySQL <= 5.0.4 : Insecure tmp file handling

Source: MITRE
Type: CNA
CVE-2005-1636

Source: CCN
Type: MySQL Download Web page
MySQL 4.1 Downloads

Source: FULLDISC
Type: UNKNOWN
20050517 MySQL < 4.0.12 && MySQL <= 5.0.4 : Insecure tmp

Source: CCN
Type: RHSA-2005-685
mysql security update

Source: CCN
Type: SA15369
MySQL mysql_install_db Insecure Temporary File Creation

Source: SECUNIA
Type: UNKNOWN
15369

Source: SECUNIA
Type: UNKNOWN
17080

Source: DEBIAN
Type: DSA-783
mysql-dfsg-4.1 -- insecure temporary file

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2006:045

Source: CCN
Type: MySQL Web site
The world's most popular open source database

Source: REDHAT
Type: UNKNOWN
RHSA-2005:685

Source: BID
Type: UNKNOWN
13660

Source: CCN
Type: BID-13660
MySQL mysql_install_db Insecure Temporary File Creation Vulnerability

Source: CCN
Type: MySQL mysql_install_db data manipulation
MySQL

Source: MISC
Type: UNKNOWN
http://www.zataz.net/adviso/mysql-05172005.txt

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=158688

Source: XF
Type: UNKNOWN
mysql-symlink(20656)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:9504

Vulnerable Configuration:Configuration 1:
  • cpe:/a:oracle:mysql:5.0.1:-:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.0.2:-:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.0.3:-:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.0.4:-:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.5a:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.7:gamma:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.8:gamma:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.9:gamma:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.10:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.11:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.11:gamma:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.0.0:alpha:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:*:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:oracle:mysql:4.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.10:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.11:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.11:gamma:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.5a:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.7:gamma:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.8:gamma:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.9:gamma:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.0.0:-:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.0.0:alpha:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.0.1:-:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.0.2:-:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.0.3:-:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.0.4:-:*:*:*:*:*:*
  • AND
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:3.1:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:9504
    V
    		mysql_install_db in MySQL 4.1.x before 4.1.12 and 5.x up to 5.0.4 creates the mysql_install_db.X file with a predictable filename and insecure permissions, which allows local users to execute arbitrary SQL commands by modifying the file's contents.
    2013-04-29
    oval:com.redhat.rhsa:def:20050685
    P
    		RHSA-2005:685: mysql security update (Low)
    2005-10-05
    oval:org.debian:def:783
    V
    		insecure temporary file
    2005-08-24
    BACK
    mysql mysql 5.0.1
    mysql mysql 5.0.2
    mysql mysql 5.0.3
    mysql mysql 5.0.4
    oracle mysql 4.0.0
    oracle mysql 4.0.1
    oracle mysql 4.0.2
    oracle mysql 4.0.3
    oracle mysql 4.0.4
    oracle mysql 4.0.5
    oracle mysql 4.0.5a
    oracle mysql 4.0.6
    oracle mysql 4.0.7
    oracle mysql 4.0.7 gamma
    oracle mysql 4.0.8
    oracle mysql 4.0.8 gamma
    oracle mysql 4.0.9
    oracle mysql 4.0.9 gamma
    oracle mysql 4.0.10
    oracle mysql 4.0.11
    oracle mysql 4.0.11 gamma
    oracle mysql 5.0.0 alpha
    mysql mysql 4.0.0
    mysql mysql 4.0.1
    mysql mysql 4.0.10
    mysql mysql 4.0.11
    mysql mysql 4.0.11 gamma
    mysql mysql 4.0.2
    mysql mysql 4.0.3
    mysql mysql 4.0.4
    mysql mysql 4.0.5
    mysql mysql 4.0.5a
    mysql mysql 4.0.6
    mysql mysql 4.0.7
    mysql mysql 4.0.7 gamma
    mysql mysql 4.0.8
    mysql mysql 4.0.8 gamma
    mysql mysql 4.0.9
    mysql mysql 4.0.9 gamma
    mysql mysql 5.0.0.0
    mysql mysql 5.0.0 alpha
    mysql mysql 5.0.1
    mysql mysql 5.0.2
    mysql mysql 5.0.3
    mysql mysql 5.0.4
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    debian debian linux 3.1