|
|
Log in / Subscribe / Register

mariadb: access restriction bypass

Package(s):mariadb CVE #(s):CVE-2016-6663
Created:September 15, 2016 Updated:September 21, 2016
Description: From the Arch Linux advisory:

- CVE-2016-6663 (access restriction bypass): In the past mariadb used to read the main configuration file from three different locations. One of them (the datadir) is unsafe because it's writeable by the sql-server. This way a remote attacker who could gain access to the sql-server could deploy a maliciously crafted configuration file.

Alerts:
Red Hat RHSA-2016:2749-01 rh-mysql56-mysql 2016-11-15
Debian DSA-3711-1 mariadb-10.0 2016-11-11
Mageia MGASA-2016-0371 mariadb 2016-11-09
Red Hat RHSA-2016:2595-02 mariadb 2016-11-03
Slackware SSA:2016-305-03 mariadb 2016-10-31
Red Hat RHSA-2016:2131-01 mariadb55-mariadb 2016-10-31
Arch Linux ASA-201609-10 mariadb 2016-09-14
CentOS CESA-2017:0184 mysql 2017-01-26
Oracle ELSA-2017-0184 mysql 2017-01-24
Scientific Linux SLSA-2017:0184-1 mysql 2017-01-24
Red Hat RHSA-2017:0184-01 mysql 2017-01-24
Scientific Linux SLSA-2016:2595-2 mariadb 2016-12-14
Red Hat RHSA-2016:2928-01 rh-mariadb101-mariadb 2016-12-08
Red Hat RHSA-2016:2927-01 rh-mariadb100-mariadb 2016-12-08
openSUSE openSUSE-SU-2016:3028-1 mariadb 2016-12-06
openSUSE openSUSE-SU-2016:3025-1 mariadb 2016-12-06
SUSE SUSE-SU-2016:2932-1 mariadb 2016-11-28
SUSE SUSE-SU-2016:2933-1 mariadb 2016-11-28
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds