Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2016-6662 PoC — Oracle MySQL 远程代码执行漏洞/提权漏洞

Source
https://github.com/konstantin-kelemen/mysqld_safe-CVE-2016-6662-patch
Associated Vulnerability
Title:Oracle MySQL 远程代码执行漏洞/提权漏洞 (CVE-2016-6662)
Description:Oracle MySQL是美国甲骨文(Oracle)公司的一套开源的关系数据库管理系统。该数据库系统具有性能高、成本低、可靠性好等特点。 Oracle MySQL中的配置文件(my.cnf)存在远程代码执行漏洞。攻击者(本地或远程)可通过授权访问MySQL数据库(网络连接或类似phpMyAdmin的Web接口)或SQL注入方式,利用该漏洞向配置文件中注入恶意的数据库配置,导致以root权限执行任意代码,完全控制受影响的服务器。以下版本受到影响:Oracle MySQL 5.5.52及之前的版本,5.6.x
Description
MySQL server CVE-2016-6662 patch playbook
Readme
# MySQL server CVE-2016-6662 patch playbook

## How it works

It adds the [Percona fix](https://github.com/percona/percona-server/commit/c14be53e029442f576cced1fb8ff96b58e89f2e0#diff-144aa2f11374843c969d96b7b84247eaR261) to the mysqld_safe file.

## Which operating systems are supported

- CentOS
- FreeBSD

## How to use it

    ansible-playbook mysqld-safe-patch.yml
File Snapshot

 [4.0K]  /data/pocs/518bb212181a494962ecc74933d5e236dafb399e
├── [1.3K]  mysqld-safe-patch.yml
└── [ 370]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.