Vulnerability Details : CVE-2012-5613
Public exploit exists!
MySQL 5.5.19 and possibly other versions, and MariaDB 5.5.28a and possibly other versions, when configured to assign the FILE privilege to users who should not have administrative privileges, allows remote authenticated users to gain privileges by leveraging the FILE privilege to create files as the MySQL administrator. NOTE: the vendor disputes this issue, stating that this is only a vulnerability when the administrator does not follow recommendations in the product's installation documentation. NOTE: it could be argued that this should not be included in CVE because it is a configuration issue.
Exploit prediction scoring system (EPSS) score for CVE-2012-5613
96.55%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 100 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2012-5613
-
Oracle MySQL for Microsoft Windows FILE Privilege Abuse
Disclosure Date: 2012-12-01First seen: 2020-04-26exploit/windows/mysql/mysql_start_upThis module takes advantage of a file privilege misconfiguration problem specifically against Windows MySQL servers. This module abuses the FILE privilege to write a payload to Microsoft's All Users Start Up directory which will execute every time a user logs in. The -
Oracle MySQL for Microsoft Windows MOF Execution
Disclosure Date: 2012-12-01First seen: 2020-04-26exploit/windows/mysql/mysql_mofThis module takes advantage of a file privilege misconfiguration problem specifically against Windows MySQL servers (due to the use of a .mof file). This may result in arbitrary code execution under the context of SYSTEM. This module requires a valid MySQL account
CVSS scores for CVE-2012-5613
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.0
|
MEDIUM | AV:N/AC:M/Au:S/C:P/I:P/A:P |
6.8
|
6.4
|
NIST |
CWE ids for CVE-2012-5613
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2012-5613
-
http://www.openwall.com/lists/oss-security/2012/12/02/3
oss-security - Re: Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC ZerodayMailing List;Third Party Advisory
-
http://www.openwall.com/lists/oss-security/2012/12/02/4
oss-security - Re: Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC ZerodayMailing List;Third Party Advisory
-
http://secunia.com/advisories/53372
Sign inBroken Link
-
http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00000.html
[security-announce] SUSE-SU-2013:0262-1: important: Security update forMailing List;Third Party Advisory
-
http://security.gentoo.org/glsa/glsa-201308-06.xml
MySQL: Multiple vulnerabilities (GLSA 201308-06) — Gentoo securityThird Party Advisory
-
http://seclists.org/fulldisclosure/2012/Dec/6
Full Disclosure: MySQL (Linux) Database Privilege Elevation Zeroday ExploitExploit;Mailing List;Third Party Advisory
Products affected by CVE-2012-5613
- cpe:2.3:a:oracle:mysql:5.5.19:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.5.28a:*:*:*:*:*:*:*