Test ID:	1.3.6.1.4.1.25623.1.0.52233
Category:	FreeBSD Local Security Checks
Title:	FreeBSD Ports: mysql-scripts
Summary:	The remote host is missing an update to the system; as announced in the referenced advisory.
Description:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: mysql-scripts CVE-2005-0004 The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and other versions including 3.x, allows local users to overwrite arbitrary files or read temporary files via a symlink attack on temporary files. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 4.6 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2005-0004 BugTraq ID: 12277 http://www.securityfocus.com/bid/12277 Bugtraq: 20050118 [USN-63-1] MySQL client vulnerability (Google Search) http://marc.info/?l=bugtraq&m=110608297217224&w=2 Conectiva Linux advisory: CLA-2005:947 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000947 Debian Security Information: DSA-647 (Google Search) http://www.debian.org/security/2005/dsa-647 http://www.mandriva.com/security/advisories?name=MDKSA-2005:036 http://secunia.com/advisories/13867 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101864-1 XForce ISS Database: mysql-mysqlaccess-symlink(18922) https://exchange.xforce.ibmcloud.com/vulnerabilities/18922
Copyright	Copyright (C) 2008 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.