icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Oracle MySQL < 3.23.56 Local Privilege Escalation

High

Synopsis

The remote host is vulnerable to a local 'privilege escalation' flaw.

Description

The remote host is running a version of MySQL which is older than version 3.23.56. A vulnerability exists that may allow the mysqld service to start with elevated privileges. An attacker can exploit this vulnerability by creating a DATADIR/my.cnf that includes the line 'user'.

Solution

Upgrade to version 3.23.56 or higher.