J2TEAM Security: A must-have extension for Chrome users. Install now!

Multiple MySQL database Zero-day vulnerabilities published

Multiple MySQL database Zero-day vulnerabilities published
Researcher discovered Multiple Zero-day vulnerabilities in MySQL database software including Stack based buffer overrun, Heap Based Overrun, Privilege Elevation, Denial of Service and  Remote Preauth User Enumeration.
Common Vulnerabilities and Exposures (CVE) assigned as :
CVE-2012-5611 — MySQL (Linux) Stack based buffer overrun PoC Zeroday
CVE-2012-5612 — MySQL (Linux) Heap Based Overrun PoC Zeroday
CVE-2012-5613 — MySQL (Linux) Database Privilege Elevation Zeroday Exploit
CVE-2012-5614 — MySQL Denial of Service Zeroday PoC
CVE-2012-5615 — MySQL Remote Preauth User Enumeration Zeroday
Multiple+MySQL+database+Zero-day+Vulnerabilities+published

Currently, all reported bugs are under review and most of the researchers believed that some of these can be duplicate of an existing bugs.

CVE-2012-5612 and CVE-2012-5614 could cause the SQL instance to crash, according to researchers. Where as another interesting bug CVE-2012-5615 allow attacker to find out that either any username exist on the Mysql server or not by reply- "Access denied".

Eric Posted MySQL Database Privilege Elevation 0day Exploit Demo:
Leader at J2TEAM. Website: https://j2team.dev/

Đăng nhận xét

Cảm ơn bạn đã đọc bài viết!

- Bạn có gợi ý hoặc bình luận xin chia sẻ bên dưới.

- Hãy viết tiếng Việt có dấu nếu có thể!