MiracleLinux 4 : rh-mysql56-mysql-5.6.37-5.AXS4 (AXSA:2017-2302:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2302:01 advisory. An integer overflow flaw leading to a buffer overflow was found in the way MySQL parsed connection handshake packets. An unauthenticated remote...

mysql: insecure error log file handling in mysqld_safe, incomplete CVE-2016-6664 fix (CPU Jan 2017)

Multiple flaws were found in the way the mysqldsafe script handled creation of error log file. The mysql operating system user could use these flaws to escalate their privileges to root...

mysql: insecure error log file handling in mysqld_safe (CPU Oct 2016)

A flaw was found in the way the mysqldsafe script handled creation of error log file. The mysql operating system user could use this flaw to escalate their privileges to root...

mysql: unrestricted mysqld_safe's ledir (CPU Jan 2017)

It was discovered that the mysqldsafe script honored the ledir option value set in a MySQL configuration file. A user able to modify one of the MySQL configuration files could use this flaw to escalate their privileges to root...

mysql: insecure error log file handling in mysqld_safe (CPU Oct 2016)

A flaw was found in the way the mysqldsafe script handled creation of error log file. The mysql operating system user could use this flaw to escalate their privileges to root...

mysql: insecure error log file handling in mysqld_safe, incomplete CVE-2016-6664 fix (CPU Jan 2017)

Multiple flaws were found in the way the mysqldsafe script handled creation of error log file. The mysql operating system user could use these flaws to escalate their privileges to root...

mysql: unrestricted mysqld_safe's ledir (CPU Jan 2017)

It was discovered that the mysqldsafe script honored the ledir option value set in a MySQL configuration file. A user able to modify one of the MySQL configuration files could use this flaw to escalate their privileges to root...

mysql: insecure error log file handling in mysqld_safe, incomplete CVE-2016-6664 fix (CPU Jan 2017)

Multiple flaws were found in the way the mysqldsafe script handled creation of error log file. The mysql operating system user could use these flaws to escalate their privileges to root...

UBUNTU-CVE-2016-6664

mysqldsafe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17, when...

mysql: insecure error log file handling in mysqld_safe (CPU Oct 2016)

A flaw was found in the way the mysqldsafe script handled creation of error log file. The mysql operating system user could use this flaw to escalate their privileges to root...

mysql: insecure error log file handling in mysqld_safe (CPU Oct 2016)

A flaw was found in the way the mysqldsafe script handled creation of error log file. The mysql operating system user could use this flaw to escalate their privileges to root...