MySQL < 3.23.56 Writable Configuration Files

The version of MySQL installed on the remote host is older than 3.23.56. As such, it reportedly creates world-writeable files. By restarting the MySQL daemon under root ID, a local attacker could gain root privileges. C Tenable Network Security, Inc. include"compat.inc"; if description...

MySQL < 3.23.56 'mysqld' Privilege Escalation Vulnerability

MySQL is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2005 StrongHoldNet Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mysql:mysql";...

MySQL allows default user to be changed to root via custom "my.cnf" file

Overview MySQL reads configuration options from world-writeable files. This can lead to a remote user gaining elevated privileges. Description A message posted to the bugtraq mailing list details a vulnerability affecting versions of MySQL prior to 3.23.56. MySQL would permit users with 'FILE'...

MySQL datadir/my.cnf Modification Privilege Escalation

The remote version of MySQL is older than 3.23.56. Such versions are affected by an issue that may allow the mysqld service to start with elevated privileges. An attacker can exploit this vulnerability by creating a 'DATADIR/my.cnf' that includes the line 'user=root' under the 'mysqld' option...