HTTP: MySQL Privilege Escalation
This signature detects attempts to exploit a known vulnerability against MySQL prior to version 5.1.50. Attackers can leverage this vulnerability to achieve privilege escalation.
Extended Description
MySQL is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to run arbitrary SQL statements with 'SUPER' privileges on the slave database system. This will allow the attacker to compromise the affected database system. This issue affects versions prior to MySQL 5.1.50.
Affected Products
Mysql_ab mysql
References
BugTraq: 43677
URL: http://dev.mysql.com/doc/refman/5.1/en/news-5-1-50.html http://www.mysql.com/
Short Name
HTTP:SQL:INJ:MYSQL-PRIV-ESCAL
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Escalation MySQL Privilege bid:43677
Release Date
01/11/2011
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Red_hat
Mysql_ab