Loading...

CVE-2012-5613 MySQL Database Privilege Elevation 0day Exploit Demo

12,228 views

Loading...

Loading...

Loading...

Rating is available when the video has been rented.
This feature is not available right now. Please try again later.
Published on Dec 2, 2012

Subscribe: http://www.youtube.com/subscription_c...
Blog : http://eromang.zataz.com
Twitter : http://twitter.com/eromang

Timeline :

Vulnerability discovered by @kingcope
Vulnerability disclosed by @kingcope the 2012-12-01

PoC provided by:

kingcope

Reference(s) :

CVE-2012-5613
Full Disclosure Mailing-list
Red Hat Bugzilla

Affected versions :

MySQL 5.0
MySQL 5.1
Other ?

Tested on Centos 5.8 x86 with:

MySQL Server version 5.0.95 Source distribution

Description :

An attacker with access to a MySQL database through a user having some specific privileges, will be allowed, through this vulnerability to create a MySQL administrator user. The created user specified in the PoC script is by default "rootedbox2" with "rootedbox2" as password.

More informations on http://eromang.zataz.com/2012/12/03/c...

Loading...

Advertisement
When autoplay is enabled, a suggested video will automatically play next.

Up next


to add this to Watch Later

Add to

Loading playlists...