MySQL 5.5.19 and possibly other versions, and MariaDB 5.5.28a and possibly other versions, when configured to assign the FILE privilege to users who should not have administrative privileges, allow remote authenticated users to gain privileges by leveraging the FILE privilege to create files as the MySQL administrator. NOTE: the vendor disputes this issue, stating that this is only a vulnerability when the administrator does not follow recommendations in the product's installation documentation. NOTE: it could be argued that this should not be included in CVE because it is a configuration issue.
Published 2012-12-03 12:49:44
Updated 2024-04-11 00:49:30
Source Red Hat, Inc.

Exploit prediction scoring system (EPSS) score for CVE-2012-5613

Probability of exploitation activity in the next 30 days: 97.23%

Percentile, the proportion of vulnerabilities that are scored at or less: ~100%

Metasploit modules for CVE-2012-5613

  • Oracle MySQL for Microsoft Windows FILE Privilege Abuse
    Disclosure Date: 2012-12-01
    First seen: 2020-04-26
    exploit/windows/mysql/mysql_start_up
    This module takes advantage of a file privilege misconfiguration problem specifically against Windows MySQL servers. This module abuses the FILE privilege to write a payload to Microsoft's All Users Start Up directory which will execute every time a user logs in. The
  • Oracle MySQL for Microsoft Windows MOF Execution
    Disclosure Date: 2012-12-01
    First seen: 2020-04-26
    exploit/windows/mysql/mysql_mof
    This module takes advantage of a file privilege misconfiguration problem specifically against Windows MySQL servers (due to the use of a .mof file). This may result in arbitrary code execution under the context of SYSTEM. This module requires a valid MySQL account

CVSS scores for CVE-2012-5613

  • Base Score: 6.0
  • Base Severity: MEDIUM
  • CVSS Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P
  • Exploitability Score: 6.8
  • Impact Score: 6.4
  • Score Source: NIST

CWE ids for CVE-2012-5613

  • Assigned by: nvd@nist.gov (Primary)

References for CVE-2012-5613

Products affected by CVE-2012-5613
