Lucene search

K

Veracode Vulnerability DatabaseVERACODE:17640

HistoryMay 02, 2019 - 5:51 a.m.

Privilege Escalation

2019-05-0205:51:01

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

14

EPSS

0.118

Percentile

95.3%

mysqld_safe is vulnerable to privilege escalation attacks. The flaw was found in the way the mysqld_safe script handled creation of error log file. A local authenticated user could use this flaw to escalate their privileges to root.

References

legalhackers.com/advisories/MySQL-Maria-Percona-RootPrivEsc-CVE-2016-6664-5617-Exploit.html

packetstormsecurity.com/files/139491/MySQL-MariaDB-PerconaDB-Root-Privilege-Escalation.html

rhn.redhat.com/errata/RHSA-2016-2130.html

rhn.redhat.com/errata/RHSA-2016-2749.html

seclists.org/fulldisclosure/2016/Nov/4

www.debian.org/security/2017/dsa-3770

www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixMSQL

www.securityfocus.com/archive/1/539695/100/0/threaded

www.securityfocus.com/bid/93612

access.redhat.com/errata/RHSA-2017:2192

access.redhat.com/errata/RHSA-2018:0279

access.redhat.com/errata/RHSA-2018:0574

access.redhat.com/security/cve/CVE-2016-6663

access.redhat.com/security/cve/CVE-2016-6664

access.redhat.com/security/updates/classification/#important

bugzilla.redhat.com/show_bug.cgi?id=1386562

dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-51.html

dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html

rhn.redhat.com/errata/RHSA-2016-2130.html

security.gentoo.org/glsa/201702-18

www.exploit-db.com/exploits/40679/

www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/

EPSS

0.118

Percentile

95.3%