Author Topic: Severe MySQL / MariaDB / Percona security issue (remote root code execution)  (Read 8096 times)

0 Members and 2 Guests are viewing this topic.

Offline
*
http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html

In short as far as I understand it a tiny SQL Injection on any of your websites or legit phpMyAdmin access can be used in many cases to execute arbitrary code with root rights.

It seems there are already patches available for MariaDB / Percona, however none for MySQL yet.

So keep an eye out for the security updates to come and don't forget to install them when they are available!

Do not blame the CWP guys please - this is a general issue that affects any installations that use these database software.