MySQL could allow a local authenticated attacker to gain elevated privileges on the system, caused by a race condition error while setting stats during MyISAM table repair. An attacker could exploit this vulnerability to change permissions of arbitrary files. IBM Security Guardium Database Activity Monitor has fixed this vulnerability.
CVE(s): CVE-2016-6663
Affected product(s) and affected version(s):
IBM Security Guardium Database Activity Monitor V 9, 9.1, 9.5
IBM Security Guardium Database Activity Monitor V10, 10.0.1, 10.1, 10.1.2
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2iju07N
X-Force Database: http://ift.tt/2hLreek
from IBM Product Security Incident Response Team http://ift.tt/2ijoEZZ
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.