CVE-2016-6664

Related Files

Red Hat Security Advisory 2017-2192-01

Posted Aug 2, 2017

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2192-01 - MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: mariadb. Security Fix: It was discovered that the mysql and mysqldump tools did not correctly handle database and table names containing newline characters. A database user with privileges to create databases or tables could cause the mysql command to execute arbitrary shell or SQL commands while restoring database backup created using the mysqldump tool.

tags | advisory, arbitrary, shell

systems | linux, redhat

advisories | CVE-2016-5483, CVE-2016-5617, CVE-2016-6664, CVE-2017-3238, CVE-2017-3243, CVE-2017-3244, CVE-2017-3258, CVE-2017-3265, CVE-2017-3291, CVE-2017-3302, CVE-2017-3308, CVE-2017-3309, CVE-2017-3312, CVE-2017-3313, CVE-2017-3317, CVE-2017-3318, CVE-2017-3453, CVE-2017-3456, CVE-2017-3464, CVE-2017-3600

MD5 | a4a97ca54fc208d44a4850aa2b445a15

Download | Favorite | Comments (0)

Gentoo Linux Security Advisory 201702-18

Posted Feb 21, 2017

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201702-18 - Multiple vulnerabilities have been found in MariaDB, the worst of which could lead to privilege escalation. Versions less than 10.0.29 are affected.

tags | advisory, vulnerability

systems | linux, gentoo

advisories | CVE-2016-6664, CVE-2017-3238, CVE-2017-3243, CVE-2017-3244, CVE-2017-3257, CVE-2017-3258, CVE-2017-3265, CVE-2017-3291, CVE-2017-3312, CVE-2017-3317, CVE-2017-3318

MD5 | 02679b1dbd3e325097726f41a4f4e4e1

Download | Favorite | Comments (0)

Debian Security Advisory 3770-1

Posted Jan 23, 2017

Authored by Debian | Site debian.org

Debian Linux Security Advisory 3770-1 - Several issues have been discovered in the MariaDB database server. The vulnerabilities are addressed by upgrading MariaDB to the new upstream version 10.0.29.

tags | advisory, vulnerability

systems | linux, debian

advisories | CVE-2016-6664, CVE-2017-3238, CVE-2017-3243, CVE-2017-3244, CVE-2017-3257, CVE-2017-3258, CVE-2017-3265, CVE-2017-3291, CVE-2017-3312, CVE-2017-3317, CVE-2017-3318

MD5 | 19a0d99bf75bbbeba0b238d8e6bd0b64

Download | Favorite | Comments (0)

Red Hat Security Advisory 2016-2749-01

Posted Nov 15, 2016

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2749-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The following packages have been upgraded to a newer upstream version: rh-mysql56-mysql. Security Fix: It was discovered that the MySQL logging functionality allowed writing to MySQL configuration files. An administrative database user, or a database user with FILE privileges, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server.

tags | advisory, arbitrary, root

systems | linux, redhat

advisories | CVE-2016-3492, CVE-2016-5507, CVE-2016-5616, CVE-2016-5617, CVE-2016-5626, CVE-2016-5629, CVE-2016-6662, CVE-2016-6663, CVE-2016-6664, CVE-2016-8283

MD5 | 0e5896714ac772d84a8ad0e7b8c11c19

Download | Favorite | Comments (0)

MySQL / MariaDB / PerconaDB Root Privilege Escalation

Posted Nov 2, 2016

Authored by Dawid Golunski

MySQL-based databases including MySQL, MariaDB and PerconaDB are affected by a privilege escalation vulnerability which can let attackers who have gained access to mysql system user to further escalate their privileges to root user allowing them to fully compromise the system. The vulnerability stems from unsafe file handling of error logs and other files.

tags | exploit, root

advisories | CVE-2016-6664

MD5 | 73b41ab8c5b59bd8889f73c2538d4f62

Download | Favorite | Comments (0)