General discussion

Locked

What do you think about the error "MySQL Zero Days"?

By ictblogsmail ·
Tags: Security
Golunski further went on to publish details and a proof-of-concept exploit code for CVE-2016-6662 after informing Oracle of both issues, along with vendors of MariaDB and PerconaDB. Read more: https://www.youtube.com/watch?v=ndpc4PhCZq4

This conversation is currently closed to new comments.

1 total post (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Description about MySQL Zero Days

by Monicadawson123 In reply to What do you think about t ...

Researcher Dawid Golunski reported finding several serious issues in MySQL, including a flaw that can be exploited by remote attackers to inject malicious settings into my.cnf configuration files. The weakness can be leveraged for arbitrary code execution with root privileges, which can lead to the server running MySQL getting completely compromised.

The vulnerability, tracked as CVE-2016-6662, can be exploited by an attacker who can authenticate to the MySQL database via a network connection or a web interface such as phpMyAdmin, and through a SQL injection attack without requiring a direct connection.

Another, undisclosed MySQL vulnerability found by the researcher, identified as CVE-2016-6663, makes this zero-day easy to exploit even by low-privileged attackers.
CVE-2016-6662 allows attackers to make changes to the my.conf file and load third-party code that will be carried out with root privileges.

The second vulnerability, which is CVE-2016-6663 and a variation of CVE-2016-6662, was too discovered by Golunski but not made public by him. CVE-2016-6663 also leads to remote code execution under a root user.

Until Oracle finds a solution and fixes the problem in its next CPU, the researcher suggests some temporary mitigations for keeping the servers safe.

“As temporary mitigations, users should ensure that no MySQL config files are owned by mysql user, and create root-owned dummy my.cnf files that are not in use. ”

While emphasizing that these temporary mitigations are just workarounds, Golunski suggests that as soon as the vendor patches are available, the users should apply them.

Back to Security Forum
1 total post (Page 1 of 1)  

Related Discussions

Related Forums