Vulnerability details: VCID-mw7a-9n6d-aaap
Vulnerability ID VCID-mw7a-9n6d-aaap
Aliases CVE-2016-6663
Summary Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.
Status Published
Exploitability 2.0
Weighted Severity 8.0
Risk 10.0
System Score Found at
generic_textual Medium http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-6663.html
rhas Important https://access.redhat.com/errata/RHSA-2016:2130
rhas Important https://access.redhat.com/errata/RHSA-2016:2131
rhas Important https://access.redhat.com/errata/RHSA-2016:2595
rhas Important https://access.redhat.com/errata/RHSA-2016:2749
rhas Important https://access.redhat.com/errata/RHSA-2016:2927
rhas Important https://access.redhat.com/errata/RHSA-2016:2928
rhas Important https://access.redhat.com/errata/RHSA-2017:0184
cvssv3 7.0 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6663.json
epss 0.00066 https://api.first.org/data/v1/epss?cve=CVE-2016-6663
epss 0.00610 https://api.first.org/data/v1/epss?cve=CVE-2016-6663
epss 0.02045 https://api.first.org/data/v1/epss?cve=CVE-2016-6663
epss 0.02579 https://api.first.org/data/v1/epss?cve=CVE-2016-6663
epss 0.03171 https://api.first.org/data/v1/epss?cve=CVE-2016-6663
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=1378936
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3492
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5584
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5624
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5626
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5629
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6663
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7440
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8283
cvssv2 3.5 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
generic_textual Medium https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.txt
cvssv2 4.4 https://nvd.nist.gov/vuln/detail/CVE-2016-6663
cvssv3 7.0 https://nvd.nist.gov/vuln/detail/CVE-2016-6663
cvssv3.1 8.1 http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
generic_textual HIGH http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
Reference id Reference type URL
http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-6663.html
http://rhn.redhat.com/errata/RHSA-2016-2130.html
http://rhn.redhat.com/errata/RHSA-2016-2131.html
http://rhn.redhat.com/errata/RHSA-2016-2595.html
http://rhn.redhat.com/errata/RHSA-2016-2749.html
http://rhn.redhat.com/errata/RHSA-2016-2927.html
http://rhn.redhat.com/errata/RHSA-2016-2928.html
http://rhn.redhat.com/errata/RHSA-2017-0184.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6663.json
https://api.first.org/data/v1/epss?cve=CVE-2016-6663
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3492
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5584
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5624
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5626
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5629
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6663
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7440
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8283
https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html
https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html
https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html
https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html
http://seclists.org/fulldisclosure/2016/Nov/4
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805
https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291
https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.txt
https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/
https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/
https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/
https://www.exploit-db.com/exploits/40678/
https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/
http://www.openwall.com/lists/oss-security/2016/10/25/4
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
http://www.securityfocus.com/bid/92911
http://www.securityfocus.com/bid/93614
1378936 https://bugzilla.redhat.com/show_bug.cgi?id=1378936
cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:8.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql:8.0:*:*:*:*:*:*:*
cpe:2.3:a:percona:percona_server:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:percona:percona_server:*:*:*:*:*:*:*:*
cpe:2.3:a:percona:xtradb_cluster:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:percona:xtradb_cluster:*:*:*:*:*:*:*:*
CVE-2016-6663 https://nvd.nist.gov/vuln/detail/CVE-2016-6663
CVE-2016-6663;CVE-2016-5616 Exploit https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html
RHSA-2016:2130 https://access.redhat.com/errata/RHSA-2016:2130
RHSA-2016:2131 https://access.redhat.com/errata/RHSA-2016:2131
RHSA-2016:2595 https://access.redhat.com/errata/RHSA-2016:2595
RHSA-2016:2749 https://access.redhat.com/errata/RHSA-2016:2749
RHSA-2016:2927 https://access.redhat.com/errata/RHSA-2016:2927
RHSA-2016:2928 https://access.redhat.com/errata/RHSA-2016:2928
RHSA-2017:0184 https://access.redhat.com/errata/RHSA-2017:0184
Data source Exploit-DB
Date added Nov. 1, 2016
Description MySQL / MariaDB / PerconaDB 5.5.x/5.6.x/5.7.x - 'mysql' System User Privilege Escalation / Race Condition
Ransomware campaign use Unknown
Source publication date Nov. 1, 2016
Exploit type local
Platform linux
Source update date Jan. 30, 2017
Source URL https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6663.json
Attack Vector (AV): local; Attack Complexity (AC): high; Privileges Required (PR): low; User Interaction (UI): none; Scope (S): unchanged; Confidentiality Impact (C): high; Integrity Impact (I): high; Availability Impact (A): high

Vector: AV:L/AC:H/Au:S/C:P/I:P/A:P Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Access Vector (AV): local; Access Complexity (AC): high; Authentication (Au): single; Confidentiality Impact (C): partial; Integrity Impact (I): partial; Availability Impact (A): partial

Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2016-6663
Access Vector (AV): local; Access Complexity (AC): medium; Authentication (Au): none; Confidentiality Impact (C): partial; Integrity Impact (I): partial; Availability Impact (A): partial

Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2016-6663
Attack Vector (AV): local; Attack Complexity (AC): high; Privileges Required (PR): low; User Interaction (UI): none; Scope (S): unchanged; Confidentiality Impact (C): high; Integrity Impact (I): high; Availability Impact (A): high

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
Attack Vector (AV): network; Attack Complexity (AC): high; Privileges Required (PR): none; User Interaction (UI): none; Scope (S): unchanged; Confidentiality Impact (C): high; Integrity Impact (I): high; Availability Impact (A): high

Exploit Prediction Scoring System (EPSS)
Percentile 0.30461
EPSS Score 0.00066
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.