CVE-2016-6663 / OCVE-2016-5616 Vulnerability: MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Discovered by: Dawid Golunski @dawid_golunski http://legalhackers.com Affected versions: MariaDB < 5.5.52 < 10.1.18 < 10.0.28 MySQL <= 5.5.51 <= 5.6.32 <= 5.7.14 Percona Server < 5.5.51-38.2 < 5.6.32-78-1 < 5.7.14-8 Percona XtraDB Cluster < 5.6.32-25.17 < 5.7.14-26.17 < 5.5.41-37.0 An independent research has revealed a race condition vulnerability which affects MySQl, MariaDB and PerconaDB databases. The vulnerability can allow a local system user with access to the affected database in the context of a low-privileged account (CREATE/INSERT/SELECT grants) to escalate their privileges and execute arbitrary code as the database system user (typically 'mysql'). Successful exploitation would allow an attacker to gain full read/write access to all of the files (including configuration files) and databases belonging to the affected database server. The obtained level of access upon the exploitation, could be chained with the other privilege escalation vulnerabilities discovered by the author of this advisory (CVE-2016-6662 and CVE-2016-6664) to further escalate privileges from mysql user to root user and thus allow attackers to fully compromise the target server. The full up-to-date advisory and a PoC exploit can be found at: http://ift.tt/2ftahpB PoC Video: http://ift.tt/2faWtMH
Source: Gmail -> IFTTT-> Blogger
No comments:
Post a Comment