VDB
CVE-2012-5613
CVE-2012-5613
PUBLISHED
CVSS 6 MEDIUM
** DISPUTED ** MySQL 5.5.19 and possibly other versions, and MariaDB 5.5.28a and possibly other versions, when configured to assign the FILE privilege to users who should not have administrative privileges, allows remote authenticated users to gain privileges by leveraging the FILE privilege to create files as the MySQL administrator. NOTE: the vendor disputes this issue, stating that this is only a vulnerability when the administrator does not follow recommendations in the product's installation documentation. NOTE: it could be argued that this should not be included in CVE because it is a configuration issue.
EPSS 88.75% · 99.5th percentile
Risk Scores
CVSS 2.0
6
EPSS Score
88.75%
99.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | * |
| mariadb | mariadb | 5.5.28a |
| oracle | mysql | 5.5.19 |
Exploit Intelligence
- MySQL 4.x/5.0 (Linux) - User-Defined Function (UDF) Dynamic Library (2) automation script. (github-poc)
- MySQL 4.x/5.0 (Linux) - User-Defined Function (UDF) Dynamic Library (2) automation script. (github-poc)
- MySQL 4.x/5.0 (Linux) - User-Defined Function (UDF) Dynamic Library (2) automation script. (github-poc)
- MySQL 4.x/5.0 (Linux) - User-Defined Function (UDF) Dynamic Library (2) automation script. (github-poc)
- MySQL 4.x/5.0 (Linux) - User-Defined Function (UDF) Dynamic Library (2) automation script. (github-poc)
- MySQL-Fu is a Ruby based MySQL Client Script I wrote. It does most of the stuff a normal MySQL client might do: SQL Shell, Update/Delete/Drop Database/Table, Add/Delete Users, Dump Database(s)/Table w/ option for gzip...... Plus a few extra options to make life a little easier for pentests. Includes Several builtin PHP Command Shell options as well as Pentestmonkey's PHP Reverse Shell, in addition to multiple options for file writing and reading (all files read logged locally for offline an... (github-poc)
- MySQL-Fu is a Ruby based MySQL Client Script I wrote. It does most of the stuff a normal MySQL client might do: SQL Shell, Update/Delete/Drop Database/Table, Add/Delete Users, Dump Database(s)/Table w/ option for gzip...... Plus a few extra options to make life a little easier for pentests. Includes Several builtin PHP Command Shell options as well as Pentestmonkey's PHP Reverse Shell, in addition to multiple options for file writing and reading (all files read logged locally for offline an... (github-poc)
- MySQL-Fu is a Ruby based MySQL Client Script I wrote. It does most of the stuff a normal MySQL client might do: SQL Shell, Update/Delete/Drop Database/Table, Add/Delete Users, Dump Database(s)/Table w/ option for gzip...... Plus a few extra options to make life a little easier for pentests. Includes Several builtin PHP Command Shell options as well as Pentestmonkey's PHP Reverse Shell, in addition to multiple options for file writing and reading (all files read logged locally for offline an... (github-poc)
- MySQL-Fu is a Ruby based MySQL Client Script I wrote. It does most of the stuff a normal MySQL client might do: SQL Shell, Update/Delete/Drop Database/Table, Add/Delete Users, Dump Database(s)/Table w/ option for gzip...... Plus a few extra options to make life a little easier for pentests. Includes Several builtin PHP Command Shell options as well as Pentestmonkey's PHP Reverse Shell, in addition to multiple options for file writing and reading (all files read logged locally for offline an... (github-poc)
- MySQL-Fu is a Ruby based MySQL Client Script I wrote. It does most of the stuff a normal MySQL client might do: SQL Shell, Update/Delete/Drop Database/Table, Add/Delete Users, Dump Database(s)/Table w/ option for gzip...... Plus a few extra options to make life a little easier for pentests. Includes Several builtin PHP Command Shell options as well as Pentestmonkey's PHP Reverse Shell, in addition to multiple options for file writing and reading (all files read logged locally for offline an... (github-poc)
…and 12 more exploits
Timeline
- Dec 3, 2012 CVE Published
- Dec 6, 2012 PoC Published
- May 29, 2018 PoC Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Nov 16, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
References
- 53372 third-party-advisory
- [oss-security] 20121202 Re: Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC Zeroday mailing-list
- GLSA-201308-06 vendor-advisory
- [oss-security] 20121202 Re: Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC Zeroday mailing-list
- SUSE-SU-2013:0262 vendor-advisory
- 20121201 MySQL (Linux) Database Privilege Elevation Zeroday Exploit mailing-list
- https://nvd.nist.gov/vuln/detail/CVE-2012-5613 advisory