Search criteria
10 vulnerabilities found for xtradb_cluster by percona
CVE-2020-15180 (GCVE-0-2020-15180)
Vulnerability from nvd – Published: 2021-05-27 19:45 – Updated: 2024-08-04 13:08
VLAI
Summary
A flaw was found in the mysql-wsrep component of mariadb. Lack of input sanitization in `wsrep_sst_method` allows for command injection that can be exploited by a remote attacker to execute arbitrary commands on galera cluster nodes. This threatens the system's confidentiality, integrity, and availability. This flaw affects mariadb versions before 10.1.47, before 10.2.34, before 10.3.25, before 10.4.15 and before 10.5.6.
Severity
No CVSS data available.
CWE
- CWE-20 - >CWE-96
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://lists.debian.org/debian-lts-announce/2020… | mailing-listx_refsource_MLIST |
| https://www.debian.org/security/2020/dsa-4776 | vendor-advisoryx_refsource_DEBIAN |
| https://security.gentoo.org/glsa/202011-14 | vendor-advisoryx_refsource_GENTOO |
| https://www.percona.com/blog/2020/10/30/cve-2020-… | x_refsource_CONFIRM |
| https://bugzilla.redhat.com/show_bug.cgi?id=1894919 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:08:22.425Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[debian-lts-announce] 20201021 [SECURITY] [DLA 2409-1] mariadb-10.1 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00021.html"
},
{
"name": "DSA-4776",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4776"
},
{
"name": "GLSA-202011-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202011-14"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.percona.com/blog/2020/10/30/cve-2020-15180-affects-percona-xtradb-cluster/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894919"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "mariadb",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "mariadb 10.1.47, mariadb 10.2.34, mariadb 10.3.25, mariadb 10.4.15, mariadb 10.5.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the mysql-wsrep component of mariadb. Lack of input sanitization in `wsrep_sst_method` allows for command injection that can be exploited by a remote attacker to execute arbitrary commands on galera cluster nodes. This threatens the system\u0027s confidentiality, integrity, and availability. This flaw affects mariadb versions before 10.1.47, before 10.2.34, before 10.3.25, before 10.4.15 and before 10.5.6."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20-\u003eCWE-96",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-27T19:57:09.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "[debian-lts-announce] 20201021 [SECURITY] [DLA 2409-1] mariadb-10.1 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00021.html"
},
{
"name": "DSA-4776",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4776"
},
{
"name": "GLSA-202011-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202011-14"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.percona.com/blog/2020/10/30/cve-2020-15180-affects-percona-xtradb-cluster/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894919"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2020-15180",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "mariadb",
"version": {
"version_data": [
{
"version_value": "mariadb 10.1.47, mariadb 10.2.34, mariadb 10.3.25, mariadb 10.4.15, mariadb 10.5.6"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in the mysql-wsrep component of mariadb. Lack of input sanitization in `wsrep_sst_method` allows for command injection that can be exploited by a remote attacker to execute arbitrary commands on galera cluster nodes. This threatens the system\u0027s confidentiality, integrity, and availability. This flaw affects mariadb versions before 10.1.47, before 10.2.34, before 10.3.25, before 10.4.15 and before 10.5.6."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20-\u003eCWE-96"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[debian-lts-announce] 20201021 [SECURITY] [DLA 2409-1] mariadb-10.1 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00021.html"
},
{
"name": "DSA-4776",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4776"
},
{
"name": "GLSA-202011-14",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202011-14"
},
{
"name": "https://www.percona.com/blog/2020/10/30/cve-2020-15180-affects-percona-xtradb-cluster/",
"refsource": "CONFIRM",
"url": "https://www.percona.com/blog/2020/10/30/cve-2020-15180-affects-percona-xtradb-cluster/"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1894919",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894919"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2020-15180",
"datePublished": "2021-05-27T19:45:28.000Z",
"dateReserved": "2020-06-25T00:00:00.000Z",
"dateUpdated": "2024-08-04T13:08:22.425Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10996 (GCVE-0-2020-10996)
Vulnerability from nvd – Published: 2020-04-27 12:45 – Updated: 2024-08-04 11:21
VLAI
Summary
An issue was discovered in Percona XtraDB Cluster before 5.7.28-31.41.2. A bundled script inadvertently sets a static transition_key for SST processes in place of the random key expected.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://jira.percona.com/browse/PXC-3117 | x_refsource_MISC |
| https://www.percona.com/blog/2020/04/20/cve-2020-… | x_refsource_CONFIRM |
| https://www.percona.com/doc/percona-xtradb-cluste… | x_refsource_CONFIRM |
Date Public
2020-04-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:21:14.225Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jira.percona.com/browse/PXC-3117"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.percona.com/blog/2020/04/20/cve-2020-10996-percona-xtradb-cluster-sst-script-static-key/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.percona.com/doc/percona-xtradb-cluster/LATEST/release-notes/Percona-XtraDB-Cluster-5.7.28-31.41.2.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-04-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Percona XtraDB Cluster before 5.7.28-31.41.2. A bundled script inadvertently sets a static transition_key for SST processes in place of the random key expected."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-08T20:38:56.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jira.percona.com/browse/PXC-3117"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.percona.com/blog/2020/04/20/cve-2020-10996-percona-xtradb-cluster-sst-script-static-key/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.percona.com/doc/percona-xtradb-cluster/LATEST/release-notes/Percona-XtraDB-Cluster-5.7.28-31.41.2.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10996",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Percona XtraDB Cluster before 5.7.28-31.41.2. A bundled script inadvertently sets a static transition_key for SST processes in place of the random key expected."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jira.percona.com/browse/PXC-3117",
"refsource": "MISC",
"url": "https://jira.percona.com/browse/PXC-3117"
},
{
"name": "https://www.percona.com/blog/2020/04/20/cve-2020-10996-percona-xtradb-cluster-sst-script-static-key/",
"refsource": "CONFIRM",
"url": "https://www.percona.com/blog/2020/04/20/cve-2020-10996-percona-xtradb-cluster-sst-script-static-key/"
},
{
"name": "https://www.percona.com/doc/percona-xtradb-cluster/LATEST/release-notes/Percona-XtraDB-Cluster-5.7.28-31.41.2.html",
"refsource": "CONFIRM",
"url": "https://www.percona.com/doc/percona-xtradb-cluster/LATEST/release-notes/Percona-XtraDB-Cluster-5.7.28-31.41.2.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10996",
"datePublished": "2020-04-27T12:45:01.000Z",
"dateReserved": "2020-03-27T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:21:14.225Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-15365 (GCVE-0-2017-15365)
Vulnerability from nvd – Published: 2018-01-25 16:00 – Updated: 2024-08-05 19:57
VLAI
Summary
sql/event_data_objects.cc in MariaDB before 10.1.30 and 10.2.x before 10.2.10 and Percona XtraDB Cluster before 5.6.37-26.21-3 and 5.7.x before 5.7.19-29.22-3 allows remote authenticated users with SQL access to bypass intended access restrictions and replicate data definition language (DDL) statements to cluster nodes by leveraging incorrect ordering of DDL replication and ACL checking.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://github.com/MariaDB/server/commit/0b5a5258… | x_refsource_CONFIRM |
| https://www.debian.org/security/2018/dsa-4341 | vendor-advisoryx_refsource_DEBIAN |
| https://mariadb.com/kb/en/library/mariadb-10210-r… | x_refsource_CONFIRM |
| https://bugzilla.redhat.com/show_bug.cgi?id=1524234 | x_refsource_CONFIRM |
| https://www.percona.com/doc/percona-xtradb-cluste… | x_refsource_CONFIRM |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisoryx_refsource_FEDORA |
| https://www.percona.com/blog/2017/10/30/percona-x… | x_refsource_CONFIRM |
| https://mariadb.com/kb/en/library/mariadb-10130-r… | x_refsource_CONFIRM |
| https://access.redhat.com/errata/RHSA-2019:1258 | vendor-advisoryx_refsource_REDHAT |
Date Public
2017-10-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:57:25.785Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/MariaDB/server/commit/0b5a5258abbeaf8a0c3a18c7e753699787fdf46e"
},
{
"name": "DSA-4341",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4341"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://mariadb.com/kb/en/library/mariadb-10210-release-notes/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1524234"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.percona.com/doc/percona-xtradb-cluster/LATEST/release-notes/Percona-XtraDB-Cluster-5.7.19-29.22-3.html"
},
{
"name": "FEDORA-2018-0d6a80f496",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ELCZV46WIYSJ6VMC65GMNN3A3QDRUJGK/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.percona.com/blog/2017/10/30/percona-xtradb-cluster-5-6-37-26-21-3-is-now-available/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://mariadb.com/kb/en/library/mariadb-10130-release-notes/"
},
{
"name": "RHSA-2019:1258",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1258"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-10-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "sql/event_data_objects.cc in MariaDB before 10.1.30 and 10.2.x before 10.2.10 and Percona XtraDB Cluster before 5.6.37-26.21-3 and 5.7.x before 5.7.19-29.22-3 allows remote authenticated users with SQL access to bypass intended access restrictions and replicate data definition language (DDL) statements to cluster nodes by leveraging incorrect ordering of DDL replication and ACL checking."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-21T21:06:11.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/MariaDB/server/commit/0b5a5258abbeaf8a0c3a18c7e753699787fdf46e"
},
{
"name": "DSA-4341",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4341"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://mariadb.com/kb/en/library/mariadb-10210-release-notes/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1524234"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.percona.com/doc/percona-xtradb-cluster/LATEST/release-notes/Percona-XtraDB-Cluster-5.7.19-29.22-3.html"
},
{
"name": "FEDORA-2018-0d6a80f496",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ELCZV46WIYSJ6VMC65GMNN3A3QDRUJGK/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.percona.com/blog/2017/10/30/percona-xtradb-cluster-5-6-37-26-21-3-is-now-available/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://mariadb.com/kb/en/library/mariadb-10130-release-notes/"
},
{
"name": "RHSA-2019:1258",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1258"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15365",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "sql/event_data_objects.cc in MariaDB before 10.1.30 and 10.2.x before 10.2.10 and Percona XtraDB Cluster before 5.6.37-26.21-3 and 5.7.x before 5.7.19-29.22-3 allows remote authenticated users with SQL access to bypass intended access restrictions and replicate data definition language (DDL) statements to cluster nodes by leveraging incorrect ordering of DDL replication and ACL checking."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/MariaDB/server/commit/0b5a5258abbeaf8a0c3a18c7e753699787fdf46e",
"refsource": "CONFIRM",
"url": "https://github.com/MariaDB/server/commit/0b5a5258abbeaf8a0c3a18c7e753699787fdf46e"
},
{
"name": "DSA-4341",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4341"
},
{
"name": "https://mariadb.com/kb/en/library/mariadb-10210-release-notes/",
"refsource": "CONFIRM",
"url": "https://mariadb.com/kb/en/library/mariadb-10210-release-notes/"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1524234",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1524234"
},
{
"name": "https://www.percona.com/doc/percona-xtradb-cluster/LATEST/release-notes/Percona-XtraDB-Cluster-5.7.19-29.22-3.html",
"refsource": "CONFIRM",
"url": "https://www.percona.com/doc/percona-xtradb-cluster/LATEST/release-notes/Percona-XtraDB-Cluster-5.7.19-29.22-3.html"
},
{
"name": "FEDORA-2018-0d6a80f496",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ELCZV46WIYSJ6VMC65GMNN3A3QDRUJGK/"
},
{
"name": "https://www.percona.com/blog/2017/10/30/percona-xtradb-cluster-5-6-37-26-21-3-is-now-available/",
"refsource": "CONFIRM",
"url": "https://www.percona.com/blog/2017/10/30/percona-xtradb-cluster-5-6-37-26-21-3-is-now-available/"
},
{
"name": "https://mariadb.com/kb/en/library/mariadb-10130-release-notes/",
"refsource": "CONFIRM",
"url": "https://mariadb.com/kb/en/library/mariadb-10130-release-notes/"
},
{
"name": "RHSA-2019:1258",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1258"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15365",
"datePublished": "2018-01-25T16:00:00.000Z",
"dateReserved": "2017-10-15T00:00:00.000Z",
"dateUpdated": "2024-08-05T19:57:25.785Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6664 (GCVE-0-2016-6664)
Vulnerability from nvd – Published: 2016-12-13 21:00 – Updated: 2024-08-06 01:36
VLAI
Summary
mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17, when using file-based logging, allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
15 references
Date Public
2016-01-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:36:29.471Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2016:2749",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2749.html"
},
{
"name": "20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616]",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2016/Nov/4"
},
{
"name": "93612",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93612"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/"
},
{
"name": "RHSA-2018:0574",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0574"
},
{
"name": "GLSA-201702-18",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201702-18"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"name": "20161104 MySQL / MariaDB / PerconaDB - Root Privilege Escalation Exploit ( CVE-2016-6664 / CVE-2016-5617 )",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/539695/100/0/threaded"
},
{
"name": "RHSA-2016:2130",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2130.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/139491/MySQL-MariaDB-PerconaDB-Root-Privilege-Escalation.html"
},
{
"name": "40679",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40679/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://legalhackers.com/advisories/MySQL-Maria-Percona-RootPrivEsc-CVE-2016-6664-5617-Exploit.html"
},
{
"name": "RHSA-2018:0279",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0279"
},
{
"name": "DSA-3770",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3770"
},
{
"name": "RHSA-2017:2192",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2192"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-01-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17, when using file-based logging, allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2016:2749",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2749.html"
},
{
"name": "20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616]",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2016/Nov/4"
},
{
"name": "93612",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93612"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/"
},
{
"name": "RHSA-2018:0574",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0574"
},
{
"name": "GLSA-201702-18",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201702-18"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"name": "20161104 MySQL / MariaDB / PerconaDB - Root Privilege Escalation Exploit ( CVE-2016-6664 / CVE-2016-5617 )",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/539695/100/0/threaded"
},
{
"name": "RHSA-2016:2130",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2130.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/139491/MySQL-MariaDB-PerconaDB-Root-Privilege-Escalation.html"
},
{
"name": "40679",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40679/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://legalhackers.com/advisories/MySQL-Maria-Percona-RootPrivEsc-CVE-2016-6664-5617-Exploit.html"
},
{
"name": "RHSA-2018:0279",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0279"
},
{
"name": "DSA-3770",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3770"
},
{
"name": "RHSA-2017:2192",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2192"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-6664",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17, when using file-based logging, allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2016:2749",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2749.html"
},
{
"name": "20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616]",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Nov/4"
},
{
"name": "93612",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93612"
},
{
"name": "https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/",
"refsource": "CONFIRM",
"url": "https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/"
},
{
"name": "RHSA-2018:0574",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0574"
},
{
"name": "GLSA-201702-18",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201702-18"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"name": "20161104 MySQL / MariaDB / PerconaDB - Root Privilege Escalation Exploit ( CVE-2016-6664 / CVE-2016-5617 )",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/539695/100/0/threaded"
},
{
"name": "RHSA-2016:2130",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2130.html"
},
{
"name": "http://packetstormsecurity.com/files/139491/MySQL-MariaDB-PerconaDB-Root-Privilege-Escalation.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/139491/MySQL-MariaDB-PerconaDB-Root-Privilege-Escalation.html"
},
{
"name": "40679",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40679/"
},
{
"name": "http://legalhackers.com/advisories/MySQL-Maria-Percona-RootPrivEsc-CVE-2016-6664-5617-Exploit.html",
"refsource": "MISC",
"url": "http://legalhackers.com/advisories/MySQL-Maria-Percona-RootPrivEsc-CVE-2016-6664-5617-Exploit.html"
},
{
"name": "RHSA-2018:0279",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0279"
},
{
"name": "DSA-3770",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3770"
},
{
"name": "RHSA-2017:2192",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2192"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-6664",
"datePublished": "2016-12-13T21:00:00.000Z",
"dateReserved": "2016-08-10T00:00:00.000Z",
"dateUpdated": "2024-08-06T01:36:29.471Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6663 (GCVE-0-2016-6663)
Vulnerability from nvd – Published: 2016-12-13 21:00 – Updated: 2024-08-06 01:36
VLAI
Summary
Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
24 references
Date Public
2016-09-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:36:29.485Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2016:2749",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2749.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html"
},
{
"name": "RHSA-2017:0184",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0184.html"
},
{
"name": "20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616]",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2016/Nov/4"
},
{
"name": "RHSA-2016:2131",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2131.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"name": "40678",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40678/"
},
{
"name": "RHSA-2016:2130",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2130.html"
},
{
"name": "RHSA-2016:2927",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2927.html"
},
{
"name": "[oss-security] 20161025 Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day )",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/10/25/4"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html"
},
{
"name": "92911",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/92911"
},
{
"name": "93614",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93614"
},
{
"name": "RHSA-2016:2595",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2595.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805"
},
{
"name": "RHSA-2016:2928",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2928.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-09-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2016:2749",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2749.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html"
},
{
"name": "RHSA-2017:0184",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0184.html"
},
{
"name": "20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616]",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2016/Nov/4"
},
{
"name": "RHSA-2016:2131",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2131.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"name": "40678",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40678/"
},
{
"name": "RHSA-2016:2130",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2130.html"
},
{
"name": "RHSA-2016:2927",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2927.html"
},
{
"name": "[oss-security] 20161025 Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day )",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/10/25/4"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html"
},
{
"name": "92911",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/92911"
},
{
"name": "93614",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93614"
},
{
"name": "RHSA-2016:2595",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2595.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805"
},
{
"name": "RHSA-2016:2928",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2928.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-6663",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2016:2749",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2749.html"
},
{
"name": "https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html",
"refsource": "CONFIRM",
"url": "https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html"
},
{
"name": "RHSA-2017:0184",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0184.html"
},
{
"name": "20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616]",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Nov/4"
},
{
"name": "RHSA-2016:2131",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2131.html"
},
{
"name": "https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291",
"refsource": "CONFIRM",
"url": "https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291"
},
{
"name": "https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/",
"refsource": "CONFIRM",
"url": "https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/"
},
{
"name": "https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/",
"refsource": "CONFIRM",
"url": "https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"name": "40678",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40678/"
},
{
"name": "RHSA-2016:2130",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2130.html"
},
{
"name": "RHSA-2016:2927",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2927.html"
},
{
"name": "[oss-security] 20161025 Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day )",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/10/25/4"
},
{
"name": "https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html",
"refsource": "CONFIRM",
"url": "https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html"
},
{
"name": "92911",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92911"
},
{
"name": "93614",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93614"
},
{
"name": "RHSA-2016:2595",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2595.html"
},
{
"name": "https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html",
"refsource": "CONFIRM",
"url": "https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html"
},
{
"name": "https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/",
"refsource": "CONFIRM",
"url": "https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/"
},
{
"name": "https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html",
"refsource": "CONFIRM",
"url": "https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html"
},
{
"name": "https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805",
"refsource": "CONFIRM",
"url": "https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805"
},
{
"name": "RHSA-2016:2928",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2928.html"
},
{
"name": "https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/",
"refsource": "CONFIRM",
"url": "https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/"
},
{
"name": "https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html",
"refsource": "MISC",
"url": "https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-6663",
"datePublished": "2016-12-13T21:00:00.000Z",
"dateReserved": "2016-08-10T00:00:00.000Z",
"dateUpdated": "2024-08-06T01:36:29.485Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-15180 (GCVE-0-2020-15180)
Vulnerability from cvelistv5 – Published: 2021-05-27 19:45 – Updated: 2024-08-04 13:08
VLAI
Summary
A flaw was found in the mysql-wsrep component of mariadb. Lack of input sanitization in `wsrep_sst_method` allows for command injection that can be exploited by a remote attacker to execute arbitrary commands on galera cluster nodes. This threatens the system's confidentiality, integrity, and availability. This flaw affects mariadb versions before 10.1.47, before 10.2.34, before 10.3.25, before 10.4.15 and before 10.5.6.
Severity
No CVSS data available.
CWE
- CWE-20 - >CWE-96
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://lists.debian.org/debian-lts-announce/2020… | mailing-listx_refsource_MLIST |
| https://www.debian.org/security/2020/dsa-4776 | vendor-advisoryx_refsource_DEBIAN |
| https://security.gentoo.org/glsa/202011-14 | vendor-advisoryx_refsource_GENTOO |
| https://www.percona.com/blog/2020/10/30/cve-2020-… | x_refsource_CONFIRM |
| https://bugzilla.redhat.com/show_bug.cgi?id=1894919 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:08:22.425Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[debian-lts-announce] 20201021 [SECURITY] [DLA 2409-1] mariadb-10.1 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00021.html"
},
{
"name": "DSA-4776",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4776"
},
{
"name": "GLSA-202011-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202011-14"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.percona.com/blog/2020/10/30/cve-2020-15180-affects-percona-xtradb-cluster/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894919"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "mariadb",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "mariadb 10.1.47, mariadb 10.2.34, mariadb 10.3.25, mariadb 10.4.15, mariadb 10.5.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the mysql-wsrep component of mariadb. Lack of input sanitization in `wsrep_sst_method` allows for command injection that can be exploited by a remote attacker to execute arbitrary commands on galera cluster nodes. This threatens the system\u0027s confidentiality, integrity, and availability. This flaw affects mariadb versions before 10.1.47, before 10.2.34, before 10.3.25, before 10.4.15 and before 10.5.6."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20-\u003eCWE-96",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-27T19:57:09.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "[debian-lts-announce] 20201021 [SECURITY] [DLA 2409-1] mariadb-10.1 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00021.html"
},
{
"name": "DSA-4776",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4776"
},
{
"name": "GLSA-202011-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202011-14"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.percona.com/blog/2020/10/30/cve-2020-15180-affects-percona-xtradb-cluster/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894919"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2020-15180",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "mariadb",
"version": {
"version_data": [
{
"version_value": "mariadb 10.1.47, mariadb 10.2.34, mariadb 10.3.25, mariadb 10.4.15, mariadb 10.5.6"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in the mysql-wsrep component of mariadb. Lack of input sanitization in `wsrep_sst_method` allows for command injection that can be exploited by a remote attacker to execute arbitrary commands on galera cluster nodes. This threatens the system\u0027s confidentiality, integrity, and availability. This flaw affects mariadb versions before 10.1.47, before 10.2.34, before 10.3.25, before 10.4.15 and before 10.5.6."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20-\u003eCWE-96"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[debian-lts-announce] 20201021 [SECURITY] [DLA 2409-1] mariadb-10.1 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00021.html"
},
{
"name": "DSA-4776",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4776"
},
{
"name": "GLSA-202011-14",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202011-14"
},
{
"name": "https://www.percona.com/blog/2020/10/30/cve-2020-15180-affects-percona-xtradb-cluster/",
"refsource": "CONFIRM",
"url": "https://www.percona.com/blog/2020/10/30/cve-2020-15180-affects-percona-xtradb-cluster/"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1894919",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894919"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2020-15180",
"datePublished": "2021-05-27T19:45:28.000Z",
"dateReserved": "2020-06-25T00:00:00.000Z",
"dateUpdated": "2024-08-04T13:08:22.425Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10996 (GCVE-0-2020-10996)
Vulnerability from cvelistv5 – Published: 2020-04-27 12:45 – Updated: 2024-08-04 11:21
VLAI
Summary
An issue was discovered in Percona XtraDB Cluster before 5.7.28-31.41.2. A bundled script inadvertently sets a static transition_key for SST processes in place of the random key expected.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://jira.percona.com/browse/PXC-3117 | x_refsource_MISC |
| https://www.percona.com/blog/2020/04/20/cve-2020-… | x_refsource_CONFIRM |
| https://www.percona.com/doc/percona-xtradb-cluste… | x_refsource_CONFIRM |
Date Public
2020-04-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:21:14.225Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jira.percona.com/browse/PXC-3117"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.percona.com/blog/2020/04/20/cve-2020-10996-percona-xtradb-cluster-sst-script-static-key/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.percona.com/doc/percona-xtradb-cluster/LATEST/release-notes/Percona-XtraDB-Cluster-5.7.28-31.41.2.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-04-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Percona XtraDB Cluster before 5.7.28-31.41.2. A bundled script inadvertently sets a static transition_key for SST processes in place of the random key expected."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-08T20:38:56.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jira.percona.com/browse/PXC-3117"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.percona.com/blog/2020/04/20/cve-2020-10996-percona-xtradb-cluster-sst-script-static-key/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.percona.com/doc/percona-xtradb-cluster/LATEST/release-notes/Percona-XtraDB-Cluster-5.7.28-31.41.2.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10996",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Percona XtraDB Cluster before 5.7.28-31.41.2. A bundled script inadvertently sets a static transition_key for SST processes in place of the random key expected."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jira.percona.com/browse/PXC-3117",
"refsource": "MISC",
"url": "https://jira.percona.com/browse/PXC-3117"
},
{
"name": "https://www.percona.com/blog/2020/04/20/cve-2020-10996-percona-xtradb-cluster-sst-script-static-key/",
"refsource": "CONFIRM",
"url": "https://www.percona.com/blog/2020/04/20/cve-2020-10996-percona-xtradb-cluster-sst-script-static-key/"
},
{
"name": "https://www.percona.com/doc/percona-xtradb-cluster/LATEST/release-notes/Percona-XtraDB-Cluster-5.7.28-31.41.2.html",
"refsource": "CONFIRM",
"url": "https://www.percona.com/doc/percona-xtradb-cluster/LATEST/release-notes/Percona-XtraDB-Cluster-5.7.28-31.41.2.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10996",
"datePublished": "2020-04-27T12:45:01.000Z",
"dateReserved": "2020-03-27T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:21:14.225Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-15365 (GCVE-0-2017-15365)
Vulnerability from cvelistv5 – Published: 2018-01-25 16:00 – Updated: 2024-08-05 19:57
VLAI
Summary
sql/event_data_objects.cc in MariaDB before 10.1.30 and 10.2.x before 10.2.10 and Percona XtraDB Cluster before 5.6.37-26.21-3 and 5.7.x before 5.7.19-29.22-3 allows remote authenticated users with SQL access to bypass intended access restrictions and replicate data definition language (DDL) statements to cluster nodes by leveraging incorrect ordering of DDL replication and ACL checking.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://github.com/MariaDB/server/commit/0b5a5258… | x_refsource_CONFIRM |
| https://www.debian.org/security/2018/dsa-4341 | vendor-advisoryx_refsource_DEBIAN |
| https://mariadb.com/kb/en/library/mariadb-10210-r… | x_refsource_CONFIRM |
| https://bugzilla.redhat.com/show_bug.cgi?id=1524234 | x_refsource_CONFIRM |
| https://www.percona.com/doc/percona-xtradb-cluste… | x_refsource_CONFIRM |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisoryx_refsource_FEDORA |
| https://www.percona.com/blog/2017/10/30/percona-x… | x_refsource_CONFIRM |
| https://mariadb.com/kb/en/library/mariadb-10130-r… | x_refsource_CONFIRM |
| https://access.redhat.com/errata/RHSA-2019:1258 | vendor-advisoryx_refsource_REDHAT |
Date Public
2017-10-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:57:25.785Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/MariaDB/server/commit/0b5a5258abbeaf8a0c3a18c7e753699787fdf46e"
},
{
"name": "DSA-4341",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4341"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://mariadb.com/kb/en/library/mariadb-10210-release-notes/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1524234"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.percona.com/doc/percona-xtradb-cluster/LATEST/release-notes/Percona-XtraDB-Cluster-5.7.19-29.22-3.html"
},
{
"name": "FEDORA-2018-0d6a80f496",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ELCZV46WIYSJ6VMC65GMNN3A3QDRUJGK/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.percona.com/blog/2017/10/30/percona-xtradb-cluster-5-6-37-26-21-3-is-now-available/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://mariadb.com/kb/en/library/mariadb-10130-release-notes/"
},
{
"name": "RHSA-2019:1258",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1258"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-10-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "sql/event_data_objects.cc in MariaDB before 10.1.30 and 10.2.x before 10.2.10 and Percona XtraDB Cluster before 5.6.37-26.21-3 and 5.7.x before 5.7.19-29.22-3 allows remote authenticated users with SQL access to bypass intended access restrictions and replicate data definition language (DDL) statements to cluster nodes by leveraging incorrect ordering of DDL replication and ACL checking."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-21T21:06:11.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/MariaDB/server/commit/0b5a5258abbeaf8a0c3a18c7e753699787fdf46e"
},
{
"name": "DSA-4341",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4341"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://mariadb.com/kb/en/library/mariadb-10210-release-notes/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1524234"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.percona.com/doc/percona-xtradb-cluster/LATEST/release-notes/Percona-XtraDB-Cluster-5.7.19-29.22-3.html"
},
{
"name": "FEDORA-2018-0d6a80f496",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ELCZV46WIYSJ6VMC65GMNN3A3QDRUJGK/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.percona.com/blog/2017/10/30/percona-xtradb-cluster-5-6-37-26-21-3-is-now-available/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://mariadb.com/kb/en/library/mariadb-10130-release-notes/"
},
{
"name": "RHSA-2019:1258",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1258"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15365",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "sql/event_data_objects.cc in MariaDB before 10.1.30 and 10.2.x before 10.2.10 and Percona XtraDB Cluster before 5.6.37-26.21-3 and 5.7.x before 5.7.19-29.22-3 allows remote authenticated users with SQL access to bypass intended access restrictions and replicate data definition language (DDL) statements to cluster nodes by leveraging incorrect ordering of DDL replication and ACL checking."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/MariaDB/server/commit/0b5a5258abbeaf8a0c3a18c7e753699787fdf46e",
"refsource": "CONFIRM",
"url": "https://github.com/MariaDB/server/commit/0b5a5258abbeaf8a0c3a18c7e753699787fdf46e"
},
{
"name": "DSA-4341",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4341"
},
{
"name": "https://mariadb.com/kb/en/library/mariadb-10210-release-notes/",
"refsource": "CONFIRM",
"url": "https://mariadb.com/kb/en/library/mariadb-10210-release-notes/"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1524234",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1524234"
},
{
"name": "https://www.percona.com/doc/percona-xtradb-cluster/LATEST/release-notes/Percona-XtraDB-Cluster-5.7.19-29.22-3.html",
"refsource": "CONFIRM",
"url": "https://www.percona.com/doc/percona-xtradb-cluster/LATEST/release-notes/Percona-XtraDB-Cluster-5.7.19-29.22-3.html"
},
{
"name": "FEDORA-2018-0d6a80f496",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ELCZV46WIYSJ6VMC65GMNN3A3QDRUJGK/"
},
{
"name": "https://www.percona.com/blog/2017/10/30/percona-xtradb-cluster-5-6-37-26-21-3-is-now-available/",
"refsource": "CONFIRM",
"url": "https://www.percona.com/blog/2017/10/30/percona-xtradb-cluster-5-6-37-26-21-3-is-now-available/"
},
{
"name": "https://mariadb.com/kb/en/library/mariadb-10130-release-notes/",
"refsource": "CONFIRM",
"url": "https://mariadb.com/kb/en/library/mariadb-10130-release-notes/"
},
{
"name": "RHSA-2019:1258",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1258"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15365",
"datePublished": "2018-01-25T16:00:00.000Z",
"dateReserved": "2017-10-15T00:00:00.000Z",
"dateUpdated": "2024-08-05T19:57:25.785Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6663 (GCVE-0-2016-6663)
Vulnerability from cvelistv5 – Published: 2016-12-13 21:00 – Updated: 2024-08-06 01:36
VLAI
Summary
Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
24 references
Date Public
2016-09-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:36:29.485Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2016:2749",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2749.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html"
},
{
"name": "RHSA-2017:0184",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0184.html"
},
{
"name": "20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616]",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2016/Nov/4"
},
{
"name": "RHSA-2016:2131",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2131.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"name": "40678",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40678/"
},
{
"name": "RHSA-2016:2130",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2130.html"
},
{
"name": "RHSA-2016:2927",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2927.html"
},
{
"name": "[oss-security] 20161025 Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day )",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/10/25/4"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html"
},
{
"name": "92911",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/92911"
},
{
"name": "93614",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93614"
},
{
"name": "RHSA-2016:2595",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2595.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805"
},
{
"name": "RHSA-2016:2928",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2928.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-09-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2016:2749",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2749.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html"
},
{
"name": "RHSA-2017:0184",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0184.html"
},
{
"name": "20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616]",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2016/Nov/4"
},
{
"name": "RHSA-2016:2131",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2131.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"name": "40678",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40678/"
},
{
"name": "RHSA-2016:2130",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2130.html"
},
{
"name": "RHSA-2016:2927",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2927.html"
},
{
"name": "[oss-security] 20161025 Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day )",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/10/25/4"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html"
},
{
"name": "92911",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/92911"
},
{
"name": "93614",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93614"
},
{
"name": "RHSA-2016:2595",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2595.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805"
},
{
"name": "RHSA-2016:2928",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2928.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-6663",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2016:2749",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2749.html"
},
{
"name": "https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html",
"refsource": "CONFIRM",
"url": "https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html"
},
{
"name": "RHSA-2017:0184",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0184.html"
},
{
"name": "20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616]",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Nov/4"
},
{
"name": "RHSA-2016:2131",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2131.html"
},
{
"name": "https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291",
"refsource": "CONFIRM",
"url": "https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291"
},
{
"name": "https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/",
"refsource": "CONFIRM",
"url": "https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/"
},
{
"name": "https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/",
"refsource": "CONFIRM",
"url": "https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"name": "40678",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40678/"
},
{
"name": "RHSA-2016:2130",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2130.html"
},
{
"name": "RHSA-2016:2927",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2927.html"
},
{
"name": "[oss-security] 20161025 Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day )",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/10/25/4"
},
{
"name": "https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html",
"refsource": "CONFIRM",
"url": "https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html"
},
{
"name": "92911",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92911"
},
{
"name": "93614",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93614"
},
{
"name": "RHSA-2016:2595",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2595.html"
},
{
"name": "https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html",
"refsource": "CONFIRM",
"url": "https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html"
},
{
"name": "https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/",
"refsource": "CONFIRM",
"url": "https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/"
},
{
"name": "https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html",
"refsource": "CONFIRM",
"url": "https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html"
},
{
"name": "https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805",
"refsource": "CONFIRM",
"url": "https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805"
},
{
"name": "RHSA-2016:2928",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2928.html"
},
{
"name": "https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/",
"refsource": "CONFIRM",
"url": "https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/"
},
{
"name": "https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html",
"refsource": "MISC",
"url": "https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-6663",
"datePublished": "2016-12-13T21:00:00.000Z",
"dateReserved": "2016-08-10T00:00:00.000Z",
"dateUpdated": "2024-08-06T01:36:29.485Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6664 (GCVE-0-2016-6664)
Vulnerability from cvelistv5 – Published: 2016-12-13 21:00 – Updated: 2024-08-06 01:36
VLAI
Summary
mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17, when using file-based logging, allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
15 references
Date Public
2016-01-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:36:29.471Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2016:2749",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2749.html"
},
{
"name": "20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616]",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2016/Nov/4"
},
{
"name": "93612",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93612"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/"
},
{
"name": "RHSA-2018:0574",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0574"
},
{
"name": "GLSA-201702-18",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201702-18"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"name": "20161104 MySQL / MariaDB / PerconaDB - Root Privilege Escalation Exploit ( CVE-2016-6664 / CVE-2016-5617 )",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/539695/100/0/threaded"
},
{
"name": "RHSA-2016:2130",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2130.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/139491/MySQL-MariaDB-PerconaDB-Root-Privilege-Escalation.html"
},
{
"name": "40679",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40679/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://legalhackers.com/advisories/MySQL-Maria-Percona-RootPrivEsc-CVE-2016-6664-5617-Exploit.html"
},
{
"name": "RHSA-2018:0279",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0279"
},
{
"name": "DSA-3770",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3770"
},
{
"name": "RHSA-2017:2192",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2192"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-01-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17, when using file-based logging, allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2016:2749",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2749.html"
},
{
"name": "20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616]",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2016/Nov/4"
},
{
"name": "93612",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93612"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/"
},
{
"name": "RHSA-2018:0574",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0574"
},
{
"name": "GLSA-201702-18",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201702-18"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"name": "20161104 MySQL / MariaDB / PerconaDB - Root Privilege Escalation Exploit ( CVE-2016-6664 / CVE-2016-5617 )",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/539695/100/0/threaded"
},
{
"name": "RHSA-2016:2130",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2130.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/139491/MySQL-MariaDB-PerconaDB-Root-Privilege-Escalation.html"
},
{
"name": "40679",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40679/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://legalhackers.com/advisories/MySQL-Maria-Percona-RootPrivEsc-CVE-2016-6664-5617-Exploit.html"
},
{
"name": "RHSA-2018:0279",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0279"
},
{
"name": "DSA-3770",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3770"
},
{
"name": "RHSA-2017:2192",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2192"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-6664",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17, when using file-based logging, allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2016:2749",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2749.html"
},
{
"name": "20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616]",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Nov/4"
},
{
"name": "93612",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93612"
},
{
"name": "https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/",
"refsource": "CONFIRM",
"url": "https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/"
},
{
"name": "RHSA-2018:0574",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0574"
},
{
"name": "GLSA-201702-18",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201702-18"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"name": "20161104 MySQL / MariaDB / PerconaDB - Root Privilege Escalation Exploit ( CVE-2016-6664 / CVE-2016-5617 )",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/539695/100/0/threaded"
},
{
"name": "RHSA-2016:2130",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2130.html"
},
{
"name": "http://packetstormsecurity.com/files/139491/MySQL-MariaDB-PerconaDB-Root-Privilege-Escalation.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/139491/MySQL-MariaDB-PerconaDB-Root-Privilege-Escalation.html"
},
{
"name": "40679",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40679/"
},
{
"name": "http://legalhackers.com/advisories/MySQL-Maria-Percona-RootPrivEsc-CVE-2016-6664-5617-Exploit.html",
"refsource": "MISC",
"url": "http://legalhackers.com/advisories/MySQL-Maria-Percona-RootPrivEsc-CVE-2016-6664-5617-Exploit.html"
},
{
"name": "RHSA-2018:0279",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0279"
},
{
"name": "DSA-3770",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3770"
},
{
"name": "RHSA-2017:2192",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2192"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-6664",
"datePublished": "2016-12-13T21:00:00.000Z",
"dateReserved": "2016-08-10T00:00:00.000Z",
"dateUpdated": "2024-08-06T01:36:29.471Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}