Description
Race condition in the post-installation script (mysql-server-5.5.postinst) for MySQL Server 5.5 for Debian GNU/Linux and Ubuntu Linux creates a configuration file with world-readable permissions before restricting the permissions, which allows local users to read the file and obtain sensitive information such as credentials.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
Debian DLA |
DLA-75-1 | mysql-5.1 security update |
Debian DSA |
DSA-2818-1 | mysql-5.5 security update |
EUVD |
EUVD-2013-2125 | Race condition in the post-installation script (mysql-server-5.5.postinst) for MySQL Server 5.5 for Debian GNU/Linux and Ubuntu Linux creates a configuration file with world-readable permissions before restricting the permissions, which allows local users to read the file and obtain sensitive information such as credentials. |
Ubuntu USN |
USN-1909-1 | MySQL vulnerabilities |
References
History
No history.
Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2024-08-06T15:27:40.985Z
Reserved: 2013-02-19T00:00:00.000Z
Link: CVE-2013-2162
No data.
Status : Modified
Published: 2013-08-19T13:07:40.867
Modified: 2026-06-16T23:52:51.870
Link: CVE-2013-2162
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Debian DLA
Debian DSA
EUVD
Ubuntu USN