Gentoo Linux Security Advisory 201701-1 - Multiple vulnerabilities have been found in MariaDB and MySQL, the worst of which could lead to the remote execution of arbitrary code. Versions less than 10.0.28 are affected.
d29d2c9599ff6a080a01a711eab24fa8a9c409782346fe6b151226f35a8ad256Red Hat Security Advisory 2016-2927-01 - MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL. The following packages have been upgraded to a newer upstream version: rh-mariadb100-mariadb. Security Fix: It was discovered that the MariaDB logging functionality allowed writing to MariaDB configuration files. An administrative database user, or a database user with FILE privileges, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server.
66e1ea59d4014df2a4d524614e18002ead15028ade3161134f30e5b4a1e9c414Red Hat Security Advisory 2016-2595-02 - MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a newer upstream version: mariadb. Security Fix: It was discovered that the MariaDB logging functionality allowed writing to MariaDB configuration files. An administrative database user, or a database user with FILE privileges, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server.
efc7657ab9526bfaa4bd2c527a331957fcb2307eb0c4160a005c123a071b5353Red Hat Security Advisory 2016-2131-01 - MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL. The following packages have been upgraded to a newer upstream version: mariadb55-mariadb. Security Fix: It was discovered that the MariaDB logging functionality allowed writing to MariaDB configuration files. An administrative database user, or a database user with FILE privileges, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server.
e0d4017aacc635d92ac81e00a91de05fc52686499e7f45be1d6e5caccce336c2Red Hat Security Advisory 2016-2130-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The following packages have been upgraded to a newer upstream version: mysql55-mysql. Security Fix: It was discovered that the MySQL logging functionality allowed writing to MySQL configuration files. An administrative database user, or a database user with FILE privileges, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server.
03b624cce91b1d69085d50e89a4e1be58cfa8a759a1b0832a830b379c914eadb
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed