MySQL has privilege escalation and security restriction bypass vulnerabilities_PHP Tutorial

WBOY
Release: 2016-07-13 17:03:01
Original
1193 people have browsed it

Affected systems:

MySQL AB MySQL


Description:

MySQL is a very widely used open source Source code relational database system with running versions for various platforms.


On MySQL, users with access rights but without create rights can create a new database with a name that differs only from the accessed database in uppercase and lowercase letters. Successful exploitation of this vulnerability requires that the file system running MySQL supports case-sensitive file names.


Additionally, because the parameters of the suid routine are evaluated in the wrong security context, an attacker can execute arbitrary DML statements via the stored routine with the permissions of the routine definer. A successful attack requires the user to have EXECUTE permission on the stored routine.


Manufacturer patch:

MySQL AB

Currently, the manufacturer has released an upgrade patch to fix this security issue. Please download it from the manufacturer's homepage:

http://lists.mysql.com/commits/5927

http://lists.mysql.com/commits/9122

(t114)

www.bkjia.comtruehttp: //www.bkjia.com/PHPjc/630988.htmlTechArticleAffected systems: MySQL AB MySQL Description: MySQL is a very widely used open source relational database system. There are running versions for various platforms. On MySQL, have access...
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template
About us Disclaimer Sitemap
php.cn:Public welfare online PHP training,Help PHP learners grow quickly!