Latest MySQL Database Vulnerability Bulletin

Source: Internet
Author: User
Tags: mysql, version, file permissions

It was recently disclosed on the Internet that a code execution vulnerability exists in the MySQL database (CNNVD-201609-183). Because of a flaw in the default configuration of MySQL, an attacker could exploit the vulnerability to tamper with the database configuration file, execute arbitrary code with administrator privileges, and remotely control the affected server. Oracle has stated on its official website that it will release a critical patch update with the relevant fix in October.

I. A brief introduction to the vulnerability

Oracle MySQL is an open source relational database management system from the US company Oracle.

The MySQL configuration file (my.cnf) is affected by a remote code execution vulnerability (vulnerability numbers CNNVD-201609-183, CVE-2016-6662). The following versions are affected: MySQL 5.7.15 and earlier, 5.6.33 and earlier, and 5.5.52 and earlier.

CNNVD summarizes the principle behind exploitation of the above vulnerability as follows:

The MySQL service runs as two processes on the server: one with administrator (root) privileges and one with ordinary user (mysql) privileges. The root-privileged process loads and executes the dynamic link library (.so) declared in the configuration file. Under specific file-permission conditions, that configuration file can be modified through SQL statements or by methods such as adding triggers, so that when the MySQL service restarts, the root-privileged process loads and executes the modified dynamic link library, running arbitrary code and achieving privilege escalation.

II. Vulnerability impact

1. An attacker (local or remote) can use this vulnerability to modify the configuration file, whether through legitimate access or malicious injection, to execute arbitrary code with administrator privileges and take full control of the affected server.

2. MariaDB and PerconaDB, open source databases built on the MySQL kernel, are currently also affected by this vulnerability and released bug-fix patches on September 6.

III. Remediation measures

Oracle will release its critical patch update on October 18; users who may be affected should follow this information closely so that they can fix the vulnerability in time and eliminate the risk.

Announcement Link: http://www.oracle.com/technetwork/topics/security/alerts-086861.html

Users who deploy MySQL should promptly check whether the MySQL version in use falls within the affected range. If it is affected, the following mitigation can be applied: turn off file permissions for the MySQL user.
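As an added example (not part of the bulletin), the following Python check flags the affected version ranges listed in section I and the precondition the bulletin describes: a my.cnf that the unprivileged service account can modify while a root-privileged process reads it. The version banners, the temporary configuration file and the service account uid/gid are constructed for the example.

```python
import os
import re
import stat
import tempfile

# Last affected patch level per branch, as the bulletin lists them
# (5.7.15, 5.6.33 and 5.5.52 "and previous versions").
LAST_AFFECTED = {(5, 5): 52, (5, 6): 33, (5, 7): 15}

def parse_version(banner):
    """Reduce a banner such as '5.6.30-0ubuntu0.14.04.1-log' to (5, 6, 30)."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", banner)
    if not m:
        raise ValueError("unrecognised MySQL version banner: %r" % banner)
    return tuple(int(part) for part in m.groups())

def is_affected(banner):
    """True/False for the 5.5, 5.6 and 5.7 branches the bulletin names,
    None for a branch it does not cover."""
    major, minor, patch = parse_version(banner)
    last_bad = LAST_AFFECTED.get((major, minor))
    return None if last_bad is None else patch <= last_bad

def config_writable_by_service(path, service_uid, service_gid):
    """Precondition from section I: the my.cnf read by the root-privileged
    process can be modified by the unprivileged service account."""
    st = os.stat(path)
    return bool(
        (st.st_uid == service_uid and st.st_mode & stat.S_IWUSR)
        or (st.st_gid == service_gid and st.st_mode & stat.S_IWGRP)
        or st.st_mode & stat.S_IWOTH
    )

def demo():
    """Constructed inputs: three banners and a temporary 0644 my.cnf owned by
    the current user, checked first as if that user were the service account
    and then as if the file belonged to a different (root) account."""
    results = {b: is_affected(b) for b in ("5.6.30-log", "5.7.16", "8.0.0")}
    with tempfile.NamedTemporaryFile(suffix="-my.cnf", delete=False) as f:
        path = f.name
    try:
        os.chmod(path, 0o644)
        uid, gid = os.getuid(), os.getgid()
        results["owned_by_service"] = config_writable_by_service(path, uid, gid)
        results["owned_by_root"] = config_writable_by_service(path, uid + 1, gid + 1)
    finally:
        os.unlink(path)
    return results
```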
