BIT-MYSQL-CLIENT-2023-39593

Insecure permissions in the sysexec function of MariaDB v10.5 allows authenticated attackers to execute arbitrary commands with elevated privileges. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed...

ROS-20250326-05

A vulnerability in the sysexec function of MariaDB software is related to insecure permissions. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands with elevated privileges...

SUSE CVE-2023-39593

Insecure permissions in the sysexec function of MariaDB v10.5 allows authenticated attackers to execute arbitrary commands with elevated privileges. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed...

CVE-2023-39593

Insecure permissions in the sysexec function of MariaDB v10.5 allows authenticated attackers to execute arbitrary commands with elevated privileges. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed...

CVE-2023-39593

CVE-2023-39593 concerns Insecure permissions in the sys_exec function of MariaDB v10.5. The connected documents consistently describe that authenticated attackers could execute arbitrary commands with elevated privileges, though the MariaDB Foundation disputes that any privilege boundary is cross...

MariaDB 安全漏洞

MariaDB is a free and open source database management system from the MariaDB Foundation and a forked version of MySQL with the Maria storage engine. A code injection vulnerability exists in MariaDB version 10.5, which stems from insecure privileges in the sysexec function and can be exploited by...

CVE-2023-39593

Insecure permissions in the sysexec function of MariaDB v10.5 allows authenticated attackers to execute arbitrary commands with elevated privileges. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed...

MySQL User-Defined (Linux) x32 / x86_64 - 'sys_exec' Local Privilege Escalation (2)

Exploit Title: MySQL User-Defined Linux x32 / x8664 - 'sysexec' Local Privilege Escalation 2 Date: 29/08/2021 Exploit Author: ninpwn Vendor Homepage: https://www.mysql.com Software Link: www.mysql.com Version: MySQL 4.x/5.x Tested on: Debian GNU/Linux 9 / mysql Ver 14.14 Distrib 5.7.30, for Linux...

MySQL User-Defined (Linux) x32 / x86_64 - (sys_exec) Local Privilege Escalation Exploit (2)

Exploit Title: MySQL User-Defined Linux x32 / x8664 - 'sysexec' Local Privilege Escalation 2 Exploit Author: ninpwn Vendor Homepage: https://www.mysql.com Software Link: www.mysql.com Version: MySQL 4.x/5.x Tested on: Debian GNU/Linux 9 / mysql Ver 14.14 Distrib 5.7.30, for Linux x8664 using...

MySQL User-Defined (Linux) x32 / x86_64 sys_exec Local Privilege Escalation

Exploit Title: MySQL User-Defined Linux x32 / x8664 - 'sysexec' Local Privilege Escalation 2 Date: 29/08/2021 Exploit Author: ninpwn Vendor Homepage: https://www.mysql.com Software Link: www.mysql.com Version: MySQL 4.x/5.x Tested on: Debian GNU/Linux 9 / mysql Ver 14.14 Distrib 5.7.30, for Linux...

MySQL User-Defined (Linux) x32 / x86_64 sys_exec Privilege Escalation

Exploit Title: MySQL User-Defined Linux x32 / x8664 sysexec function local privilege escalation exploit Date: 24/01/2019 Exploit Author: d7x Vendor Homepage: https://www.mysql.com Software Link: www.mysql.com Version: MySQL 4.x/5.x Tested on: Debian GNU/Linux 8.11 / mysql Ver 14.14 Distrib 5.5.60...

MySQL User-Defined (Linux) (x86) - 'sys_exec' Local Privilege Escalation

Exploit Title: MySQL User-Defined Linux x32 / x8664 sysexec function local privilege escalation exploit Date: 24/01/2019 Exploit Author: d7x Vendor Homepage: https://www.mysql.com Software Link: www.mysql.com Version: MySQL 4.x/5.x Tested on: Debian GNU/Linux 8.11 / mysql Ver 14.14 Distrib 5.5.60...

MySQL User-Defined (Linux) (x32x86_64) - sys_exec Local Privilege Escalation

MySQL User-Defined Linux x32x8664 - sysexec Local Privilege Escalation Exploit Title: MySQL User-Defined Linux x32 / x8664 sysexec function local privilege escalation exploit Date: 24/01/2019 Exploit Author: d7x Vendor Homepage: https://www.mysql.com Software Link: www.mysql.com Version: MySQL...

MySQL User-Defined (Linux) x32 / x86_64 - sys_exec Function Local Privilege Escalation Exploit

Exploit for linux platform in category local exploits Exploit Title: MySQL User-Defined Linux x32 / x8664 sysexec function local privilege escalation exploit Date: 24/01/2019 Exploit Author: d7x Vendor Homepage: https://www.mysql.com Software Link: www.mysql.com Version: MySQL 4.x/5.x Tested on:...

Oracle MySQL UDF Payload Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle MySQL UDF Payload Execution', 'Description' = %q This module creates and enables a custom UDF user defined function on the target host via...

Oracle MySQL UDF Payload Execution Exploit

This Metasploit module creates and enables a custom UDF user defined function on the target host via the SELECT ... into DUMPFILE method of binary injection. On default Microsoft Windows installations of MySQL versions 5.5.9 and below, directory write permissions not enforced, and the MySQL servi...

Oracle MySQL for Microsoft Windows Payload Execution

This module creates and enables a custom UDF user defined function on the target host via the SELECT ... into DUMPFILE method of binary injection. On default Microsoft Windows installations of MySQL = 5.5.9, directory write permissions not enforced, and the MySQL service runs as LocalSystem. NOTE...