PT-2013-3572 · Oracle · Mysql Server

Vladz · Published 2013-08-19 · Updated 2014-01-14 · CVE-2013-2162

CVSS v2.0: 1.9 (Low)

Vector: AV:L/AC:M/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions

MySQL Server version 5.5

Description

A race condition in the post-installation script for MySQL Server 5.5 creates a configuration file with world-readable permissions before restricting the permissions. This allows local users to read the file and obtain sensitive information, such as credentials.

Recommendations

For MySQL Server version 5.5, consider restricting access to the configuration file until the permissions are properly set, or manually adjust the permissions to prevent unauthorized access. As a temporary workaround, restrict read access to the configuration file to minimize the risk of credential exposure.
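The create-then-restrict pattern from the description, next to a form that never leaves a readable window. This is an added example, not the MySQL package's post-installation script; the function names, file names and the credential value are constructed for illustration.

```sh
#!/bin/sh
# Added illustration of the create-then-chmod race; hypothetical names throughout.

# True if "other" users have read permission on the file.
world_readable() {
    [ -n "$(find "$1" -perm -004 -print 2>/dev/null)" ]
}

# Weak pattern: the file is created under a permissive umask, the secret is
# written, and only then is the mode tightened. Prints the state another
# local user would observe between the write and the chmod.
write_conf_weak() {
    (
        umask 022
        printf '[client]\nuser=maint\npassword=%s\n' "$2" > "$1"
        if world_readable "$1"; then state=exposed; else state=private; fi
        chmod 600 "$1"      # too late: the secret was already readable
        echo "$state"
    )
}

# Hardened pattern: the file is created private (umask 077, and mktemp
# creates it mode 0600), filled, then renamed into place atomically.
write_conf_safe() {
    (
        umask 077
        tmp=$(mktemp "$1.XXXXXX") || exit 1
        printf '[client]\nuser=maint\npassword=%s\n' "$2" > "$tmp"
        if world_readable "$tmp"; then state=exposed; else state=private; fi
        mv -f "$tmp" "$1"   # readers see either no file or the final 0600 file
        echo "$state"
    )
}

# Demo in a scratch directory with a constructed credential.
d=$(mktemp -d)
echo "weak: $(write_conf_weak "$d/weak.cnf" constructed-secret) before chmod"
echo "safe: $(write_conf_safe "$d/safe.cnf" constructed-secret) before rename"
rm -rf "$d"
```

Both files end up mode 0600, so checking permissions after installation does not reveal whether the window existed; credentials written by the weak pattern should be treated as exposed and rotated.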

Exploit

Fix

Race Condition

Weakness Enumeration

Related Identifiers

CVE-2013-2162
DLA-75-1
DSA-2818-1

Affected Products

Mysql Server