Database administrators using MySQL, MariaDB and Percona Server for MySQL are being warned of two critical MySQL vulnerabilities. The discovery is such serious that attackers can even exploit the entire server hosting the database.
Discovered by security researcher Dawid Golunski, the CVE-2016-6663 and CVE-2016-6664 vulnerabilities allow attackers to escalate privileges from a local low-privileged database account to a MySQL system. This enables administrative privileges to compromise the system entirely.
“All the vulnerabilities were reported before publication to Oracle (MySQL), MariaDB and Percona vendors to allow time for releasing the patches,” Golunski told Open Source For You.
A video has been released on hacking website LegalHackers to demonstrate how an attacker gains access to the targeted servers through a vulnerable File Upload feature in the database. The attacker uses the race condition CVE-2016-6663 vulnerability in the clipping to leverage the exposed file operations by the affected databases. CVE-2016-6664 vulnerability, on the other hand, helps in escalating the backdoor access to root system account.
Users on the affected databases can protect their precious information by deploying some significant steps. “The basics such as hardening your operating system and the database configuration and keeping up with the updates are the fundamentals that go quite a long way,” Golunski stated.
The vulnerability has so far reportedly affected database software including MySQL 5.5.51, MariaDB 5.5.52, Percona Server 5.5.51-38.2 and Percona XtraDB Cluster 5.5.41-37.0. You can install the latest versions of MySQL, Percona Server and XtraDB on your server to patch the security holes. However, MariaDB is yet to receive the fix for the root privilege escalation flaw.