Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2016-6662

Disclosure Date: September 20, 2016
CVE-2016-6662
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle’s October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52, 5.6.33, and 5.7.15.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
None
Impact Score:
Unknown
Exploitability Score:
Unknown
Vector:
Unknown
Attack Vector (AV):
Unknown
Attack Complexity (AC):
Unknown
Privileges Required (PR):
Unknown
User Interaction (UI):
Unknown
Scope (S):
Unknown
Confidentiality (C):
Unknown
Integrity (I):
Unknown
Availability (A):
Unknown

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
n/a
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

References

Canonical
CVE-2016-6662 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6662)
BID-92912 (http://www.securityfocus.com/bid/92912)
Advisory
https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes
http://rhn.redhat.com/errata/RHSA-2016-2749.html
http://rhn.redhat.com/errata/RHSA-2017-0184.html
http://rhn.redhat.com/errata/RHSA-2016-2131.html
http://rhn.redhat.com/errata/RHSA-2016-2060.html
https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes
https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes
https://jira.mariadb.org/browse/MDEV-10465
20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) (http://seclists.org/fulldisclosure/2016/Sep/23)
GLSA-201701-01 (https://security.gentoo.org/glsa/201701-01)
DSA-3666 (http://www.debian.org/security/2016/dsa-3666)
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
http://rhn.redhat.com/errata/RHSA-2016-2130.html
http://rhn.redhat.com/errata/RHSA-2016-2077.html
http://rhn.redhat.com/errata/RHSA-2016-2927.html
http://rhn.redhat.com/errata/RHSA-2016-2059.html
https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662
http://rhn.redhat.com/errata/RHSA-2016-2062.html
http://rhn.redhat.com/errata/RHSA-2016-2595.html
SECTRACK-1036769 (http://www.securitytracker.com/id/1036769)
http://rhn.redhat.com/errata/RHSA-2016-2061.html
[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) (http://www.openwall.com/lists/oss-security/2016/09/12/3)
EXPLOIT-DB-40360 (https://www.exploit-db.com/exploits/40360)
http://rhn.redhat.com/errata/RHSA-2016-2928.html
http://rhn.redhat.com/errata/RHSA-2016-2058.html
Miscellaneous
http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html

Additional Info

Authenticated
Unknown
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Unknown
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Technical Analysis