Percona Server 5.6.44-85.0-1 Remote Code Execution Vulnerability

Summary

The Percona Server 5.6.44-85.0-1 packages for Debian and Ubuntu suffered an issue where the server would reset the root password to a blank value upon an upgrade. This was fixed in 5.6.44-85.0-2.

Credit:

The information has been provided by Hrvoje Matijakovic
The original article can be found at: https://jira.percona.com/browse/PS-5640


Details

Percona Server is prone to a remote code-execution vulnerability.This allows a remote attacker to exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts may result in a denial-of-service condition. 

Vulnerable Systems:

  • Percona Server 5.6.44-85.0-1

CVE Information:

CVE-2019-12301

Disclosure Timeline:
Publish Date:05/23/2019

Categories: News