5 matches found
CVE-2020-7221
A privilege escalation vulnerability was found in MariaDB, in the way it handled a setuid program during the installation process. A local MySQL user could abuse this flaw to escalate their privileges on the system, by gaining root privileges once the bash script mysqlinstalldb.sh is executed...
MariaDB 10.4.7 - 10.4.11 Privilege Escalation Vulnerability (Linux)
MariaDB is prone to a privilege escalation vulnerability. Copyright C 2020 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software...
CVE-2020-7221
mysqlinstalldb in MariaDB 10.4.7 through 10.4.11 allows privilege escalation from the mysql user account to root because chown and chmod are performed unsafely, as demonstrated by a symlink attack on a chmod 04755 of authpamtooldir/authpamtool. NOTE: this does not affect the Oracle MySQL product,...
CVE-2020-7221
CVE-2020-7221 affects MariaDB 10.4.7–10.4.11 where a vulnerability in mysql_install_db allows local privilege escalation from the mysql user to root due to unsafe handling of chown/chmod, demonstrated by a symlink attack on a chmod 04755 of auth_pam_tool_dir/auth_pam_tool. The issue does not affe...
CVE-2020-7221
mysqlinstalldb in MariaDB 10.4.7 through 10.4.11 allows privilege escalation from the mysql user account to root because chown and chmod are performed unsafely, as demonstrated by a symlink attack on a chmod 04755 of authpamtooldir/authpamtool. NOTE: this does not affect the Oracle MySQL product,...