18 matches found
Security Bulletin: IBM Security Guardium is affected by Open Source Oracle MySQL Vulnerabilities (CVE-2016-6662)
Summary MySQL Server could allow a remote authenticated attacker to gain elevated privileges on the system, caused by improper restrictions to logging functions. By executing a specially crafted series of SQL statements, an attacker could exploit this vulnerability to create or modify my.conf...
Oracle MySQL, MariaDB and PerconaDB Privilege Mobilization Vulnerability
Oracle MySQL, MariaDB, and Percona Server are database management systems. MySQL is a product of Oracle Corporation. MariaDB is a product of Monty Program Ab, Inc. and the MariaDB Foundation of the U.S.A. Percona Server is a product of Percona, Inc. Percona XtraDB Cluster is a scalable, open source...
Critical MySQL Vulnerabilities Can Lead to Server Compromise
Critical vulnerabilities in MySQL and vendor deployments by database servers MariaDB and PerconaDB have been identified that can lead to arbitrary code execution, root privilege escalation and server compromise. Dawid Golunski of Legal Hackers published details around two proof-of-concept exploit...
MySQL / MariaDB / PerconaDB - 'root' Privilege Escalation Vulnerability
Exploit for linux platform in category local exploits ============================================= - Release date: 01.11.2016 - Discovered by: Dawid Golunski - Severity: High - CVE-2016-6664 / OCVE-2016-5617 - http://legalhackers.com ============================================= I. VULNERABILITY...
MySQL / MariaDB / PerconaDB Privilege Escalation / Race Condition Vulnerability (CVE-2016-6663)
Release date: 01.11.2016 - Discovered by: Dawid Golunski I. VULNERABILITY ------------------------- MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition MariaDB 5.5.52 10.1.18 10.0.28 MySQL = 5.5.51 = 5.6.32 = 5.7.14 Percona Server 5.5.51-38.2 5.6.32-78-1 5.7.14-8 Percona XtraDB...
MySQL / MariaDB / PerconaDB Privilege Escalation / Race Condition
============================================= - Release date: 01.11.2016 - Discovered by: Dawid Golunski - Severity: Critical - CVE-2016-6663 / OCVE-2016-5616 - http://legalhackers.com ============================================= I. VULNERABILITY ------------------------- MySQL / MariaDB /...
MySQL / MariaDB / PerconaDB elevation of privilege vulnerability (CVE-2016-6664)
I. VULNERABILITY ------------------------- MySQL / MariaDB / PerconaDB - Root Privilege Escalation MySQL = 5.5.51 = 5.6.32 = 5.7.14 MariaDB All current Percona Server 5.5.51-38.2 5.6.32-78-1 5.7.14-8 Percona XtraDB Cluster 5.6.32-25.17 5.7.14-26.17 5.5.41-37.0 II. BACKGROUND...
MySQL / MariaDB / PerconaDB Root Privilege Escalation
============================================= - Release date: 01.11.2016 - Discovered by: Dawid Golunski - Severity: High/Critical - CVE-2016-6664 / OCVE-2016-5617 - http://legalhackers.com ============================================= I. VULNERABILITY ------------------------- MySQL / MariaDB /...
MySQL / MariaDB / PerconaDB 5.5.x/5.6.x/5.7.x - 'root' System User Privilege Escalation
!/bin/bash -p Source: https://legalhackers.com/advisories/MySQL-Maria-Percona-RootPrivEsc-CVE-2016-6664-5617-Exploit.html // http://legalhackers.com/exploits/CVE-2016-6664/mysql-chowned.sh MySQL / MariaDB / PerconaDB - Root Privilege Escalation PoC Exploit mysql-chowned.sh ver. 1.0 CVE-2016-6664 ...
MySQL / MariaDB / PerconaDB 5.5.x/5.6.x/5.7.x - 'mysql' System User Privilege Escalation / Race Condition
MySQL / MariaDB / PerconaDB 5.5.x/5.6.x/5.7.x - 'mysql' System User Privilege Escalation / Race Condition / Source: https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html // http://legalhackers.com/exploits/CVE-2016-6663/mysql-privesc-race.c...
MySQL / MariaDB / PerconaDB 5.5.x/5.6.x/5.7.x - 'mysql' System User Privilege Escalation / Race Condition
/ Source: https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html // http://legalhackers.com/exploits/CVE-2016-6663/mysql-privesc-race.c MySQL/PerconaDB/MariaDB - Privilege Escalation / Race Condition PoC Exploit mysql-privesc-race.c ver. 1.0...
CVE-2016-6662: MySQL remote code execution/privilege escalation technical analysis (official version, 9/13 update) - bug warning - the black bar safety net
I. VULNERABILITY MySQL 5.6.33 5.5.52 MySQL clones are similarly affected, including: MariaDB PerconaDB II. INTRODUCTION An independent research organization found severe MySQL vulnerabilities; this briefing covers one of the more serious of them, CVE-2016-6662, which allows an attacker...
MySQL <= 5.7.15 remote Root code execution vulnerability
http://legalhackers.com - dawid at legalhackers.com - Release date: 12.09.2016 I. VULNERABILITY ------------------------- MySQL = 5.7.15 Remote Root Code Execution / Privilege Escalation 0day 5.6.33 5.5.52 MySQL clones are also affected, including: MariaDB PerconaDB II. BACKGROUND...
Critical MySQL Vulnerability Disclosed
A researcher has published details and a limited proof-of-concept exploit for a critical vulnerability in MySQL that has been patched by some vendors, but not yet by Oracle. The vulnerability allows an attacker to remotely or locally exploit a vulnerable MySQL database and execute arbitrary code,...
New MySQL Zero Days — Hacking Website Databases
Two critical zero-day vulnerabilities have been discovered in the world's 2nd most popular database management software MySQL that could allow an attacker to take full control over the database. Polish security researcher Dawid Golunski has discovered two zero-days, CVE-2016-6662 and CVE-2016-666...
MySQL / MariaDB / PerconaDB 5.5.51/5.6.32/5.7.14 - Code Execution / Privilege Escalation
MySQL / MariaDB / PerconaDB 5.5.51/5.6.32/5.7.14 - Code Execution / Privilege Escalation !/usr/bin/python MySQL / MariaDB / Percona - Remote Root Code Execution / PrivEsc PoC Exploit CVE-2016-6662 0ldSQLMySQLRCEexploit.py ver. 1.0 For testing purposes only. Do no harm. Discovered/Coded by: Dawid Golunski...
MySQL 5.7.15 / 5.6.33 / 5.5.52 Remote Code Execution
============================================= - Discovered by: Dawid Golunski - http://legalhackers.com - dawid at legalhackers.com - CVE-2016-6662 - Release date: 12.09.2016 - Severity: Critical ============================================= I. VULNERABILITY ------------------------- MySQL = 5.7....
MySQL / MariaDB / PerconaDB 5.5.51/5.6.32/5.7.14 - Code Execution / Privilege Escalation
!/usr/bin/python MySQL / MariaDB / Percona - Remote Root Code Execution / PrivEsc PoC Exploit CVE-2016-6662 0ldSQLMySQLRCEexploit.py ver. 1.0 For testing purposes only. Do no harm. Discovered/Coded by: Dawid Golunski http://legalhackers.com This is a limited version of the PoC exploit. It only...