New MySQL Zero-Day Allows An Attacker To Take Full Control Of Database
New MySQL Zero-Day Allows An Attacker To Take Full Control Of Database

Polish security researcher Dawid Golunski reported that he discovered two critical zero-day vulnerabilities in the world’s second most popular database management software known as MySQL that could allow an attacker to take full control over the database.

New MySQL Zero-Day Allows An Attacker To Take Full Control Of Database

On Monday, September 12, 2016, Polish security researcher Dawid Golunski reported that he found “critical vulnerabilities” in the world’s 2nd most popular database management software MySQL, allowing to gain complete control over the database.

The Polish security researcher, Dawid Golunski reported that he found two zero-days in the world’s 2nd most popular database management software MySQL, CVE-2016-6662 and CVE-2016-6663 which allows you to remotely execute code, presupposes access to a vulnerable system with the necessary privileges to edit the MySQL configuration file (my.cnf). By default, this privilege is the superuser, if MySQL was installed on the system with the default settings.

However, both the critical vulnerabilities which were discovered by the Polish security researcher Dawid Golunski, have been reported to Oracle along with the other database vendors as well.

The Polish security researcher Dawid Golunski explained in an advisory that was already published yesterday that “A successful exploitation [of CVE-2016-6662] could allow attackers to execute arbitrary code with root privileges which would then allow them to fully compromise the server on which an affected version of MySQL is running”.

“As over 40 days have passed since reporting the issues and patches were already mentioned publicly, a decision was made to start disclosing vulnerabilities (with limited PoC) to inform users about the risks before the vendor’s next CPU update that only happens at the end of October,” the researcher further defined.

To operate the vulnerability attacker requires privileges to edit the configuration file (root permissions). So, it is assumed that if the user already has elevated privileges on the system, or file permissions that have been changed deliberately to allow for changes in the attacking file.

However, Polish security researcher Dawid Golunski suggests few temporary moderation for keeping the servers safe, until the Oracle finds a solution and fixes the problem in its next CPU. Furthermore, the security researcher Dawid Golunski also recommend that as soon as the merchant patches are available, the users should apply them.

COMMENTS

AUTHOR