Cloud Foundry Logo
blog single gear
Blog
Security Advisory

CVE-2016-6662 – Multiple MySQL Vulnerabilities

by: September 28, 2016

CVE-2016-6662 – Multiple MySQL Vulnerabilities

Severity

Medium

Vendor

Cloud Foundry Foundation, MariaDB

Versions Affected

  • MariaDB versions prior to 10.1.17
  • cf-mysql versions prior to v29

Description

The Cloud Foundry MySQL team recently completed an upgrade of MariaDB to 10.1.17, which includes a large number of CVEs, including:

  • Dawid Golunski discovered that MySQL incorrectly handled configuration files. A remote attacker could possibly use this issue to execute arbitrary code with root privileges. (CVE-2016-6662) [1]
  • The full list of CVEs fixed in MariaDB 10.1.17 and earlier versions can be found on their website [2].

Mitigation

OSS users are strongly encouraged to follow one of the mitigations below:

  • Upgrade to cf-mysql-release v29+ [3]

References

Cloud Foundry Foundation Security Team Profile Image

Cloud Foundry Foundation Security Team, AUTHOR

SEE ALL ARTICLES

You Might Also Like

CVE-2014-5119 glib_gconv_translit_find() exploit
Security Advisory

CVE-2014-5119 glib_gconv_translit_find() exploit

by Cloud Foundry Foundation Security Team September 19, 2014
USN-4109-1: OpenJPEG vulnerabilities
Security Advisory

USN-4109-1: OpenJPEG vulnerabilities

by Cloud Foundry Foundation Security Team August 29, 2019
USN-3806-1: systemd vulnerability
Security Advisory

USN-3806-1: systemd vulnerability

by Cloud Foundry Foundation Security Team November 20, 2018
This website uses cookies to offer you a better browsing experience. Find out more about how we use cookies and how you can change your settings. Accept