MySQL / MariaDB / PerconaDB Privilege Escalation / Race Condition
Posted by deepcore on November 3, 2016 – 12:18 am
An independent research has revealed a race condition vulnerability which affects MySQL, MariaDB and PerconaDB databases. The vulnerability can allow a local system user with access to the affected database in the context of a low-privileged account (CREATE/INSERT/SELECT grants) to escalate their privileges and execute arbitrary code as the database system user (typically ‘mysql’).
Post a reply
You must be logged in to post a comment.