CVE-2016-6664 / (Oracle)CVE-2016-5617 Vulnerability: MySQL / MariaDB / PerconaDB - Root Privilege Escalation Discovered by: Dawid Golunski @dawid_golunski http://ift.tt/2fcYckq MySQL-based databases including MySQL, MariaDB and PerconaDB are affected by a privilege escalation vulnerability which can let attackers who have gained access to mysql system user (for example through CVE-2016-6663) to further escalate their privileges to root user allowing them to fully compromise the system. The vulnerability stems from unsafe file handling of error logs and other files. Affected versions: MySQL <= 5.5.51 <= 5.6.32 <= 5.7.14 MariaDB All current Percona Server < 5.5.51-38.2 < 5.6.32-78-1 < 5.7.14-8 Percona XtraDB Cluster < 5.6.32-25.17 < 5.7.14-26.17 < 5.5.41-37.0 The full up-to-date advisory and a PoC exploit can be found at: http://ift.tt/2eZRrlA PoC Video showing the exploitation gaining rootshell: http://ift.tt/2faWtMH attacker will need to obtain mysql account first which could be gained with the other exploit (CVE-2016-6663) I discovered: http://ift.tt/2dZWnda More updates on the feed: https://twitter.com/dawid_golunski
Source: Gmail -> IFTTT-> Blogger
No comments:
Post a Comment