[FREEBSD:B64A7389-7C27-11E6-8AAA-5404A68AD561] Remote-Code-Execution vulnerability in mysql and its variants CVE 2016-6662
Severity
Critical
Affected Packages
1
CVEs
1
LegalHackers' reports:
RCE Bugs discovered in MySQL and its variants like MariaDB.
It works by manipulating my.cnf files and using --malloc-lib.
The bug seems fixed in MySQL 5.7.15 by Oracle
Package | Affected Version |
---|---|
pkg:freebsd/mysql57-client | < 5.7.15 |
- ID
- FREEBSD:B64A7389-7C27-11E6-8AAA-5404A68AD561
- Severity
- critical
- Severity from
- CVE-2016-6662
- URL
- http://vuxml.freebsd.org/freebsd/b64a7389-7c27-11e6-8aaa-5404a68ad561.html
- Published
-
2016-09-12T00:00:00
(8 years ago) - Modified
-
2016-09-14T00:00:00
(8 years ago) - Rights
- FreeBSD VuXML Security Team
- Other Advisories
-
- ALAS-2016-756
- ALAS-2017-800
- ALPINE:CVE-2016-6662
- DSA-3666-1
- ELSA-2016-2595
- ELSA-2017-0184
- FEDORA-2016-0901301dff
- FEDORA-2016-58f90ae3cc
- FREEBSD:856B88BF-7984-11E6-81E7-D050996490D0
- GLSA-201701-01
- RHSA-2016:2595
- RHSA-2017:0184
- SSA:2016-257-01
- SUSE-SU-2016:2343-1
- SUSE-SU-2016:2395-1
- SUSE-SU-2016:2404-1
- SUSE-SU-2016:2780-1
- USN-3078-1
Source | # ID | Name | URL |
---|---|---|---|
FreeBSD VuXML | http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | ||
FreeBSD VuXML | https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:freebsd/mysql57-client | mysql57-client | < 5.7.15 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |