Command injection

In the MMM::Agent::Helpers::Network::addip function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1 for Linux, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An...

CVE-2017-14479

In the MMM::Agent::Helpers::Network::clearip function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1 for Solaris, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An...

CVE-2017-14476

In the MMM::Agent::Helpers::Network::addip function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1 for Solaris, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An...

CVE-2017-14478

In the MMM::Agent::Helpers::Network::clearip function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1 for Linux, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An...

CVE-2017-14480

MMM Agent exposure: A set of remote command injection flaws in MMM::Agent::Helpers::Network (clear_ip/add_ip, check_ip) in mmm_agentd 2.2.1 (FreeBSD; Linux/Solaris variants in related code paths) allows unauthenticated TCP clients to execute arbitrary commands with mmm_agentd privileges. Root cau...

CVE-2017-14474

Summary: CVE-2017-14474 and related MMM vulnerabilities affect MMM mmm_agentd 2.2.1, where _execute() constructs a shell command without sanitizing the $params, enabling an unauthenticated attacker who can open a TCP session to execute arbitrary commands with the privileges of mmm_agentd. Related...

CVE-2017-14481

The CVE-2017-14481 entry concerns a shell command injection in MMM (MySQL MMM) mmm_agentd 2.2.1 (Solaris). The vulnerability resides in MMM::Agent::Helpers::Network::send_arp (and related functions in MMM) where un-sanitized input from MMM protocol messages can be interpolated into shell commands...

CVE-2017-14480

In the MMM::Agent::Helpers::Network::clearip function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1 for FreeBSD, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An...

CVE-2017-14474

In the MMM::Agent::Helpers::execute function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An attacker that can...

CVE-2017-14476

CVE-2017-14476 affects MySQL MMM MMM agent (mmm_agentd) v2.2.1. Multiple remote command-injection vulnerabilities exist in the MMM Agent helpers, notably in MMM::Agent::Helpers::Network::add_ip(), with variants across Linux, Solaris, and FreeBSD, plus related helpers (clear_ip, check_ip) and _exe...

CVE-2017-14475

In the MMM::Agent::Helpers::Network::addip function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1 for Linux, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An...

CVE-2017-14479

CVE-2017-14479 affects MMM MMM Agent (mmm_agentd) 2.2.1 on Solaris, with a shell command injection in MMM::Agent::Helpers::Network::clear_ip triggered by specially crafted protocol messages via a TCP session. The vulnerability arises from unsafely passing untrusted input (IP/if, etc.) through she...

CVE-2017-14477

CVE-2017-14477 relates to a shell-command injection in MMM::Agent::Helpers::Network::add_ip within MMM mmm_agentd 2.2.1 (FreeBSD). A specially crafted MMM protocol message over TCP can trigger arbitrary command execution with the privileges of mmm_agentd. Connected sources (Talos, CNVD/CVE record...

CVE-2017-14477

In the MMM::Agent::Helpers::Network::addip function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1 for FreeBSD, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An...

CVE-2017-14479

In the MMM::Agent::Helpers::Network::clearip function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1 for Solaris, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An...

CVE-2017-14476

In the MMM::Agent::Helpers::Network::addip function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1 for Solaris, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An...

CVE-2017-14475

MMM Agent (mmm_agentd) 2.2.1 for Linux is affected by multiple shell command injection flaws in the MMM::Agent::Helpers::Network::add_ip and related code paths. A specially crafted MMM protocol message can inject commands via untrusted role IP input passed through configure_ip/add_ip/clear_ip and...

PT-2018-5670 · Mysql Server · Mysql Multi-Master Replication Manager

Name of the Vulnerable Software and Affected Versions: MySQL Multi-Master Replication Manager MMM mmm agentd version 2.2.1 Description: A specially crafted MMM protocol message can cause a shell command injection in the add ip function, resulting in arbitrary command execution with the privileges...

PT-2018-5673 · Mysql Server · Mysql Multi-Master Replication Manager

Name of the Vulnerable Software and Affected Versions: MySQL Multi-Master Replication Manager MMM mmm agentd version 2.2.1 Description: A specially crafted MMM protocol message can cause a shell command injection in the clear ip function, resulting in arbitrary command execution with the privileg...

PT-2018-5675 · Mysql Server · Mysql Multi-Master Replication Manager

Name of the Vulnerable Software and Affected Versions: MySQL Multi-Master Replication Manager MMM mmm agentd version 2.2.1 Description: A specially crafted MMM protocol message can cause a shell command injection in the clear ip function, resulting in arbitrary command execution with the privileg...