Zero Day – MySQL Remote Root Code Execution / Privilege Escalation CVE-2016-6662

A new MySQL vulnerability is out. It allows remote code execution with root privilege. The exploitation is interesting in the way that it involves an oldschool LD_PRELOAD environment variable and that it targets a service that doesn’t serve requests as root but could still be tricked to get root RCE when restarted. Might give you […]