1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

MySQL 0-day could lead to total system compromise

Discussion in 'Help Net Security' started by RSS, Sep 12, 2016.

  1. RSS

    RSS New Member Member

    Researcher Dawid Golunski has discovered multiple severe vulnerabilities affecting the popular open source database MySQL and its forks (e.g. MariaDB, Percona). One of these – CVE-2016-6662 – can be exploited by attackers to inject malicious settings into MySQL configuration files or create new ones, allowing them to execute arbitrary code with root privileges when the MySQL service is restarted. This could lead to total compromise of the server running the vulnerable MySQL version. “The vulnerability … More →

    Continue reading...
     

Share This Page