Over a month ago we reported about two critical zero-day vulnerabilities in the world’s 2nd most popular database management software MySQL:
- MySQL Remote Root Code Execution (CVE-2016-6662)
- Privilege Escalation (CVE-2016-6663)
At that time, Polish security researcher Dawid Golunski of Legal Hackers who discovered these vulnerabilities published technical details and proof-of-concept exploit code for the first bug only and promised to release details of the second bug (CVE-2016-6663) later.
Source: Critical Flaws in MySQL Give Hackers Root Access to Server (Exploits Released)
