Oracle MySQL on Linux suffers from a heap overrun vulnerability.
aa61b4faa2cc9c52276bbcea35e5861199148c06c5182c06981f429b55af2c0eMySQL User-Defined (Linux) x32 / x86_64 sys_exec local privilege escalation exploit.
b562e8e6d56c7d3e2e28cd769077d9508fabb758d9e5d8db0035cde951f5ab11MySQL User-Defined (Linux) x32 / x86_64 sys_exec function local privilege escalation exploit.
84eacee611d9f2e6ea453e965b21ff87f7108be2012a03c08d64b8c9bced5a57MySQL Edit Table version 1.0 suffers from a remote SQL injection vulnerability.
8a3456c75957395a22a2a8ae80d668ad8b82507421bd39c72b28a4451650a93eMySQL Smart Reports version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
f84eda3271059f08b9a99d7263f73d44a340114c34afcf6977c66cad9edbd3c7MySQL Blob Uploader version 1.7 suffers from cross site scripting and remote SQL injection vulnerabilities.
6fd698eb967b90203eea6bb081322800c08e24edea9eb038620a0aa69d08f339MySQL Squid Access Report version 2.1.4 suffers from cross site scripting and remote SQL injection vulnerabilities.
cbe30d6907b93bb949d78cd6be272974741d9bc7e24f6af3e6d7f45b78e0342eWhitepaper called MySQL UDF Exploitation.
e3f1baa170d27afb7c63c85824246d5dacb72df1f9b55d3c574624348aab3380This Metasploit module creates and enables a custom UDF (user defined function) on the target host via the SELECT ... into DUMPFILE method of binary injection. On default Microsoft Windows installations of MySQL versions 5.5.9 and below, directory write permissions not enforced, and the MySQL service runs as LocalSystem. NOTE: This Metasploit module will leave a payload executable on the target system when the attack is finished, as well as the UDF DLL, and will define or redefine sys_eval() and sys_exec() functions.
e271ecc64a4930d48b45420b13646e62bddc742c830913aff948fcd6de464829MySQL G0ld is a program that issues brute force attacks against a MySQL Server using a supplied wordlist.
299eef0e652415b8c1f3b2d435260b6ddfbe06b4ae900d2b7804cb6a236d4c68MySQL versions 5.6.35 and below and 5.7.17 and below suffer from an integer overflow vulnerability.
0ee06e9ca07a91bdf300e8247f0088f5b1ec71f49b7ac4b052a8d6f34794a932MySQL File Uploader version 1.0 suffers from a remote SQL injection vulnerability.
ec9e40dffdbb652970312b51baae3ead6d08f2bcc5afc81bffb79478a5a6d6e1This is a paper that discussing MySQL OOB hacking techniques under Windows.
2247188880eb740f7ce4589272459ef60a338fc40904dccee82018aa011cdc78MySQL-based databases including MySQL, MariaDB and PerconaDB are affected by a privilege escalation vulnerability which can let attackers who have gained access to mysql system user to further escalate their privileges to root user allowing them to fully compromise the system. The vulnerability stems from unsafe file handling of error logs and other files.
ee10c5cd536b7cd793ebaa9a73ff8ae60ef21aeb38f837d26de4bd6c0456a67aMySQL versions 5.7.15 and below, 5.6.33 and below, and 5.5.52 and below suffer from remote root code execution and privilege escalation vulnerabilities.
5e8a01e26f616b7e322e11ee4900c798c738b94ceece89ba36e9df202cdc0496MySQL version 5.5.45 64-bit suffers from a local credential disclosure vulnerability.
d5d580430a80f0c080da71316f664382b08040892691409270d49161773fb974MySQL Procedure Analyse denial of service exploit that affects versions up to 5.5.45.
d572109b0189ecd815c569ad47520780444acf35842b036897634bb7c97017fbThis paper discusses an overflow in the DOUBLE data type in MySQL.
994da41348fedec81430a33635725f5ef5bf21eaded32a286053dfd2938cf982This Metasploit module takes advantage of a file privilege misconfiguration problem specifically against Windows MySQL servers. This Metasploit module abuses the FILE privilege to write a payload to Microsoft's All Users Start Up directory which will execute every time a user logs in. The default All Users Start Up directory used by the module is Windows 7 friendly.
4f82b9e9bf5035178dee3ab985bc03afde702dd4e7ca3f166360be5aa2dd3474MySQL version 5.0.x suffers from an IF query handling remote denial of service vulnerability.
fbd9482c8025c99f1db3846350ceee2b43d7498a1499d6e009ebd5dfd16c551dThis Metasploit modules takes advantage of a file privilege misconfiguration problem specifically against Windows MySQL servers (due to the use of a .mof file). This may result in arbitrary code execution under the context of SYSTEM. However, please note in order to use this module, you must have a valid MySQL account on the target machine.
4bdddccff72e6f861ece38c09f5e2d07982390d9788ff9574617a88479fcf1dcOracle MySQL suffers from a user enumeration vulnerability. This is a utility that demonstrates the issue.
8460a0977a201113cdd0cf16e055c51392db08aa506165c818a881ce632dbd1dOracle MySQL on Windows remote exploit that leverages file privileges to obtain a SYSTEM shell.
4a2e64891b58bc7a154f2b70367e520bd51dde3d72bf67966ad91a32725a0244Oracle MySQL version 5.5.19-log on SuSE Linux suffers from a denial of service vulnerability.
e7b152542270e8ccb148f030520930976460470f663a3f3d19c5f09cba1871f5Oracle MySQL on Linux suffers from a vulnerability that allows an attacker to add a new admin user.
d1601135651994faddfc10c91567f145058d6d888036e2073e79b83518277a4fOracle MySQL versions 5.5.19-log and below for Linux suffer from a stack-based overrun. This exploit yields a shell as the mysql uid.
5230a2630c6fb8619813731a9429b6e733b55892232e63ae4cde28452b203583
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed