Back to search
CVE-2016-6664
Published: Dec 13, 2016
Modified: Aug 6, 2024
PUBLISHED
Description
mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17, when using file-based logging, allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
RHSA-2016:2749
vendor-advisory
x_refsource_REDHAT
20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616]
mailing-list
x_refsource_FULLDISC
93612
vdb-entry
x_refsource_BID
RHSA-2018:0574
vendor-advisory
x_refsource_REDHAT
GLSA-201702-18
vendor-advisory
x_refsource_GENTOO
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
x_refsource_CONFIRM
20161104 MySQL / MariaDB / PerconaDB - Root Privilege Escalation Exploit ( CVE-2016-6664 / CVE-2016-5617 )
mailing-list
x_refsource_BUGTRAQ
RHSA-2016:2130
vendor-advisory
x_refsource_REDHAT
40679
exploit
x_refsource_EXPLOIT-DB
RHSA-2018:0279
vendor-advisory
x_refsource_REDHAT
DSA-3770
vendor-advisory
x_refsource_DEBIAN
RHSA-2017:2192
vendor-advisory
x_refsource_REDHAT
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now