Intruder Vulnerability Bulletin — MySQL Privilege Escalation Vulnerabilities
You may have heard of two new MySQL vulnerabilities in the news over the past couple of days (CVE-2016–6662 & CVE-2016–6663).
This vulnerability affects MySQL (versions < 5.7.15, < 5.6.33, < 5.5.52) as well as its MariaDB and PerconaDB derivatives.
If successfully exploited, this vulnerability may allow an attacker who has already gained access to the database to elevate their privileges to the “root” administrative level.
It is important to note that in order for an attack to be successful, the attacker must have already gained access to an affected database (eg. via another attack such as SQL Injection), which would be considered a critical weakness in its own right (they would likely already have complete control of your application’s data).
We’ve already checked our customers’ systems, but, even if you’re not using Intruder’s continuous monitoring service yet, this vulnerability isn’t something to get in a panic about, and we recommend patching any affected databases across your estate as part of your normal patching process.
Further details of this vulnerability can be found at: http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html
Full details of this vulnerability have not yet been released, however initial information suggests it is similar in nature to CVE-2016–6662. We will issue an update as more information becomes available.