Lucene search

Veracode Vulnerability DatabaseVERACODE:17639

HistoryMay 02, 2019 - 5:51 a.m.

Privilege Escalation

2019-05-0205:51:01

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

7 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

4.4 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

JSON

Oracle MySQL, MariaDB, Percona Server and Percona XtraDB Cluster are vulnerable to privilege escalation. A locally authenticated attacker may use race condition while setting stats during MyISAM table repair to obtain elevated privileges.

CPENameOperatorVersion
mysql55-mysqleq5.5.37__5.el6
mysql55-mysqleq5.5.50__1.el6
mysql55-mysqleq5.5.45__1.el6
mysql55-mysqleq5.5.41__2.el6
mysql55-mysqleq5.5.37__1.2.el6
mysql55-mysqleq5.5.40__1.el6
mysql55-mysqleq5.5.32__2.el6
mysql55-mysqleq5.5.36__1.1.el6
rh-mariadb100-mariadbeq10.0.17__9.el6
rh-mariadb100-mariadbeq10.0.25__4.el6

Name	Operator	Version
mysql55-mysql	eq	5.5.37__5.el6
mysql55-mysql	eq	5.5.50__1.el6
mysql55-mysql	eq	5.5.45__1.el6
mysql55-mysql	eq	5.5.41__2.el6
mysql55-mysql	eq	5.5.37__1.2.el6
mysql55-mysql	eq	5.5.40__1.el6
mysql55-mysql	eq	5.5.32__2.el6
mysql55-mysql	eq	5.5.36__1.1.el6
rh-mariadb100-mariadb	eq	10.0.17__9.el6
rh-mariadb100-mariadb	eq	10.0.25__4.el6

Rows per page:

1-10 of 901

References

rhn.redhat.com/errata/RHSA-2016-2130.html

rhn.redhat.com/errata/RHSA-2016-2131.html

rhn.redhat.com/errata/RHSA-2016-2595.html

rhn.redhat.com/errata/RHSA-2016-2749.html

rhn.redhat.com/errata/RHSA-2016-2927.html

rhn.redhat.com/errata/RHSA-2016-2928.html

rhn.redhat.com/errata/RHSA-2017-0184.html

seclists.org/fulldisclosure/2016/Nov/4

www.openwall.com/lists/oss-security/2016/10/25/4

www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixMSQL

www.securityfocus.com/bid/92911

www.securityfocus.com/bid/93614

access.redhat.com/security/cve/CVE-2016-6663

access.redhat.com/security/cve/CVE-2016-6664

access.redhat.com/security/updates/classification/#important

bugzilla.redhat.com/show_bug.cgi?id=1386562

dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-51.html

dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html

dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html

dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html

dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html

github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805

github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291

legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html

mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/

mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/

mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/

rhn.redhat.com/errata/RHSA-2016-2130.html

www.exploit-db.com/exploits/40678/

www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/

7 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

4.4 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

JSON

Privilege Escalation

References

Related