Security Advisory

CVE-2016-6662 – Multiple MySQL Vulnerabilities

Severity

Medium

Vendor

Cloud Foundry Foundation, MariaDB

Versions Affected

  • MariaDB versions prior to 10.1.17
  • cf-mysql versions prior to v29

Description

The Cloud Foundry MySQL team recently completed an upgrade of MariaDB to 10.1.17, which includes fixes for a large number of CVEs, including:

  • Dawid Golunski discovered that MySQL incorrectly handled configuration files. A remote attacker could possibly use this issue to execute arbitrary code with root privileges. (CVE-2016-6662) [1]
  • The full list of CVEs fixed in MariaDB 10.1.17 and earlier versions can be found on their website [2].

Mitigation

OSS users are strongly encouraged to follow one of the mitigations below:

  • Upgrade to cf-mysql-release v29+ [3]
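
To check an inventory against the thresholds in "Versions Affected", the following added example (not part of the original advisory or of cf-mysql-release) classifies deployments by their reported versions. The function names, the sample inventory and the "vNN" tag form are assumptions; the version strings are taken to be what `SELECT VERSION()` or the server handshake reports.

```python
import re

# Thresholds taken from the advisory's "Versions Affected" section.
MARIADB_FIXED = (10, 1, 17)
CF_MYSQL_FIXED = 29


def parse_mariadb_version(version_string):
    """Return (major, minor, patch) for a MariaDB version string, else None.

    Handles the "5.5.5-" prefix that MariaDB 10.x puts in front of its real
    version in the protocol handshake, e.g. "5.5.5-10.1.16-MariaDB".
    """
    if "mariadb" not in version_string.lower():
        return None  # not MariaDB: the advisory's threshold does not apply
    s = version_string.strip()
    if s.startswith("5.5.5-"):
        s = s[len("5.5.5-"):]
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", s)
    return tuple(int(p) for p in m.groups()) if m else None


def parse_cf_mysql_release(tag):
    """Return the release number from tags such as "v28" or "29" (assumed form)."""
    m = re.match(r"v?(\d+)", tag.strip(), re.IGNORECASE)
    return int(m.group(1)) if m else None


def classify(mariadb_version, cf_mysql_tag):
    """Classify one deployment as 'affected', 'fixed' or 'unknown'."""
    db = parse_mariadb_version(mariadb_version)
    rel = parse_cf_mysql_release(cf_mysql_tag)
    if db is None or rel is None:
        return "unknown"  # unparseable input is reported, never assumed safe
    if db < MARIADB_FIXED or rel < CF_MYSQL_FIXED:
        return "affected"
    return "fixed"


# Constructed sample inventory (hypothetical names, not real deployments).
INVENTORY = [
    ("prod", "10.1.16-MariaDB", "v28"),
    ("staging", "5.5.5-10.1.17-MariaDB", "v29"),
    ("dev", "10.1.18-MariaDB-1~trusty", "v30"),
    ("legacy", "5.7.14-log", "v29"),
]


def audit(inventory):
    """Map each deployment name to its classification."""
    return {name: classify(db, rel) for name, db, rel in inventory}
```

Deployments reported as "unknown" need a manual check, since a version string that is not MariaDB's falls outside the thresholds this advisory gives.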

References

Cloud Foundry Foundation Security Team, AUTHOR
