Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Privilege Elevation. Show all posts
zero Day vulnerability
buffer overrun Hacking News MySQL database zero day vulnerability Privilege Elevation stack based buffer overflow Vulnerability zero Day vulnerability

Zero-day vulnerabilities in MySQL database allows hackers to crash the service


Multiple zero-day vulnerabilities have been discovered in the popular database software MySQL that could allow hackers to crash the service,  deny access to users, privilege escalation and authentication bypass.

There are five zero-day vulnerabilities. According to report, one was recognised as a duplicate of an existing flaw and another a misconfiguration.

Common Vulnerabilities and Exposures (CVE) identifiers assigned to the issues to track them:

  • CVE-2012-5611 — MySQL (Linux) Stack based buffer overrun PoC Zeroday
  • CVE-2012-5612 — MySQL (Linux) Heap Based Overrun PoC Zeroday
  • CVE-2012-5613 — MySQL (Linux) Database Privilege Elevation Zeroday Exploit
  • CVE-2012-5614 — MySQL Denial of Service Zeroday PoC
  • CVE-2012-5615 — MySQL Remote Preauth User Enumeration Zeroday

Security researcher Eric Romang has posted a video demonstrating how misconfigured servers are vulnerable in his blog.

Similar issues were also disclosed involving SSH.com Communications' Tectia SSH Server, which was also determined to be vulnerable to authentication bypass.

Read more »
Subscribe to: Posts (Atom)