[Secure-testing-commits] r44521 - data/CVE
Antoine Beaupré
anarcat at moszumanska.debian.org
Mon Sep 12 12:57:08 UTC 2016
Author: anarcat
Date: 2016-09-12 12:57:07 +0000 (Mon, 12 Sep 2016)
New Revision: 44521
Modified:
data/CVE/list
Log:
Summary: try to document CVE-2016-6662
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-09-12 09:10:20 UTC (rev 44520)
+++ data/CVE/list 2016-09-12 12:57:07 UTC (rev 44521)
@@ -1475,8 +1475,14 @@
RESERVED
CVE-2016-6663
RESERVED
-CVE-2016-6662
- RESERVED
+CVE-2016-6662 [privilege escalation through ld_preload hijacking and my.cnf rewrite]
+ - mysql-server <unfixed>
+ - mariadb-server <unfixed>
+ NOTE: http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html
+ NOTE: https://bugzilla.novell.com/show_bug.cgi?id=CVE-2016-6662
+ NOTE: fixed in mysql-server 5.5.52
+ NOTE: supposedly fixed in perconadb and mariadb as well, to be confirmed
+ NOTE: https://marc.info/?l=oss-security&m=147367658314062&w=2
CVE-2016-6661
RESERVED
CVE-2016-6660
More information about the Secure-testing-commits
mailing list