MySQL Mysqld Privilege Escalation Vulnerability Network Vulnerability

Summary

You are running a version of MySQL which is older than version 3.23.56. It is vulnerable to a vulnerability that may allow the mysqld service to start with elevated privileges. An attacker can exploit this vulnerability by creating a DATADIR/my.cnf that includes the line 'user=root' under the '[mysqld]' option section. When the mysqld service is executed, it will run as the root user instead of the default user.

Solution

Upgrade to at least version 3.23.56

Severity

Classification

CVE CVE-2003-0150

CVSS	Base Score: 9.0 AV:N/AC:L/Au:S/C:C/I:C/A:C

Related Vulnerabilities

AVG AntiVirus Engine Malware Detection Bypass Vulnerability (Linux)
Test Microsoft IIS Source Fragment Disclosure
thttpd ssi file retrieval
Kiwi CatTools < 3.2.9 Directory Traversal
Samba Remote Arbitrary File Access

MySQL mysqld Privilege Escalation Vulnerability

Take action and discover your vulnerabilities