CVE-2016-6662

{"id": "CVE-2016-6662", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2016-09-20T18:59:00.127", "references": [{"url": "http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-2058.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-2059.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-2060.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-2061.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-2062.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-2077.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-2130.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-2131.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-2595.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-2749.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-2927.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-2928.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://rhn.redhat.com/errata/RHSA-2017-0184.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://seclists.org/fulldisclosure/2016/Sep/23", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.debian.org/security/2016/dsa-3666", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.openwall.com/lists/oss-security/2016/09/12/3", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/92912", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id/1036769", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "https://jira.mariadb.org/browse/MDEV-10465", "tags": ["Issue Tracking", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/", "tags": ["Release Notes", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/", "tags": ["Release Notes", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/", "tags": ["Release Notes", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://security.gentoo.org/glsa/201701-01", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.exploit-db.com/exploits/40360/", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-2058.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-2059.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-2060.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-2061.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-2062.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-2077.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-2130.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-2131.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-2595.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-2749.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-2927.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-2928.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://rhn.redhat.com/errata/RHSA-2017-0184.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://seclists.org/fulldisclosure/2016/Sep/23", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.debian.org/security/2016/dsa-3666", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.openwall.com/lists/oss-security/2016/09/12/3", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/92912", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1036769", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://jira.mariadb.org/browse/MDEV-10465", "tags": ["Issue Tracking", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/", "tags": ["Release Notes", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/", "tags": ["Release Notes", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/", "tags": ["Release Notes", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://security.gentoo.org/glsa/201701-01", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.exploit-db.com/exploits/40360/", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52, 5.6.33, and 5.7.15."}, {"lang": "es", "value": "Oracle MySQL hasta la versi\u00f3n 5.5.52, 5.6.x hasta la versi\u00f3n 5.6.33 y 5.7.x hasta la versi\u00f3n 5.7.15; MariaDB en versiones anteriores a 5.5.51, 10.0.x en versiones anteriores a 10.0.27 y 10.1.x en versiones anteriores a 10.1.17; y Percona Server en versiones anteriores a 5.5.51-38.1, 5.6.x en versiones anteriores a 5.6.32-78.0 y 5.7.x en versiones anteriores a 5.7.14-7 permiten a usuarios locales crear configuraciones arbitrarias y eludir ciertos mecanismos de protecci\u00f3n estableciendo general_log_file a una configuraci\u00f3n my.cnf NOTA: esto puede ser aprovechado para ejecutar c\u00f3digo arbitrario con privilegios root estableciendo malloc_lib. NOTA: la informaci\u00f3n sobre la versi\u00f3n de MySQL afectada es de la CPU de Octubre de 2016 de Oracle. Oracle no ha comentado sobre las reclamaciones de terceros que el problema fue parcheado silenciosamente en MySQL 5.5.52, 5.6.33 y 5.7.15."}], "lastModified": "2024-11-21T02:56:34.397", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "982457CB-92BD-4CC2-A377-8AE7C44AE939", "versionEndIncluding": "5.5.52", "versionStartIncluding": "5.5.0"}, {"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6663D88B-4649-4910-A5FB-C384BC4C8AA7", "versionEndIncluding": "5.6.33", "versionStartIncluding": "5.6.0"}, {"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4D0BA40E-DDBD-4419-8DED-39FEF868B737", "versionEndIncluding": "5.7.15", "versionStartIncluding": "5.7.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:percona:percona_server:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E119A90E-46D5-4F4D-A3A1-C7B708AFEC68", "versionEndExcluding": "5.5.51-38.1", "versionStartIncluding": "5.5"}, {"criteria": "cpe:2.3:a:percona:percona_server:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "845F45D1-4EC6-48E4-A113-8B1503C74C27", "versionEndExcluding": "5.6.32-78.0", "versionStartIncluding": "5.6"}, {"criteria": "cpe:2.3:a:percona:percona_server:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5555A98A-D7F2-4211-A62B-D108F4F8F920", "versionEndExcluding": "5.7.14-7", "versionStartIncluding": "5.7"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C1845931-A5D6-47DA-9A8E-5AC8143354D8", "versionEndExcluding": "5.5.51", "versionStartIncluding": "5.5.20"}, {"criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E2D3290F-3FFF-4679-8C67-22D76EA2AC7C", "versionEndExcluding": "10.0.27", "versionStartIncluding": "10.0.0"}, {"criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "66B7D3D5-1F6C-49E8-93F9-88C3E52C9879", "versionEndExcluding": "10.1.17", "versionStartIncluding": "10.1.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:openstack:5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B152EDF3-3140-4343-802F-F4F1C329F5C3"}, {"criteria": "cpe:2.3:a:redhat:openstack:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "31EC146C-A6F6-4C0D-AF87-685286262DAA"}, {"criteria": "cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9DAA72A4-AC7D-4544-89D4-5B07961D5A95"}, {"criteria": "cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E8B8C725-34CF-4340-BE7B-37E58CF706D6"}, {"criteria": "cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F40C26BE-56CB-4022-A1D8-3CA0A8F87F4B"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A8442C20-41F9-47FD-9A12-E724D3A31FD7"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}