CVE-2013-2162
Ubuntu Linux - Race Condition in MySQL Server Post-Installation Script
Title source: llmDescription
Race condition in the post-installation script (mysql-server-5.5.postinst) for MySQL Server 5.5 for Debian GNU/Linux and Ubuntu Linux creates a configuration file with world-readable permissions before restricting the permissions, which allows local users to read the file and obtain sensitive information such as credentials.
References (6)
Core 6
Core References
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/54300
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2013/dsa-2818
Exploit x_refsource_misc
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=711600
Mailing List mailing-list
x_refsource_mlist
http://seclists.org/oss-sec/2013/q2/528
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/60424
Vendor Advisory vendor-advisory
x_refsource_ubuntu
http://ubuntu.com/usn/usn-1909-1
Scores
EPSS
0.0035
EPSS Percentile
26.8%
Details
CWE
CWE-362
Status
published
Products (4)
canonical/ubuntu_linux
10.04
canonical/ubuntu_linux
12.04
canonical/ubuntu_linux
12.10
canonical/ubuntu_linux
13.04
Published
Aug 19, 2013
Tracked Since
Feb 18, 2026