CVE-2016-6662 : MySQL Remote Code Execution and Privilege Escalation

I stumbled upon a new MySQL remote code execution vulnerability CVE-2016-6662, which details the flaw in the way config file could be written by an authorized mysql user and the config file can be read by mysqld_safe to run malicious code and gain privileged access. CVE-2016-6663, promises to be ...

More »

Dinesh Gunasekar - | Tags : RCE, CVE-2016-6662, Privilege Escalation, Remote Code Execution, Mysql 5.5, Mariadb 5.5