mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-08 14:24:48 +02:00
0xMarcio
802 B
802 B
CVE-2013-2162
Description
Race condition in the post-installation script (mysql-server-5.5.postinst) for MySQL Server 5.5 for Debian GNU/Linux and Ubuntu Linux creates a configuration file with world-readable permissions before restricting the permissions, which allows local users to read the file and obtain sensitive information such as credentials.
POC
Reference
Github
No PoCs found on GitHub currently.