MySQL Server · CVE-2003-0150
Name of the Vulnerable Software and Affected Versions:
MySQL versions 3.23.55 and earlier
Description:
The issue allows MySQL users to gain root privileges by creating world-writeable files and overwriting a configuration file with the `SELECT * INTO OUTFILE` operator. This can cause MySQL to run as root upon restart, as demonstrated by modifying the `my.cnf` configuration file.
Recommendations:
For MySQL versions 3.23.55 and earlier, consider restricting access to the `SELECT * INTO OUTFILE` operator until a fix is available. As a temporary workaround, restrict write access to configuration files, such as `my.cnf`, to prevent unauthorized modifications.
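
One way to check the workaround above on a host, as an added example that is not part of the original advisory: the function flags an option file that is world-writable, writable by its owner when that owner is the MySQL service account, or that sets `user=root` under `[mysqld]`. The function name, the finding labels, the `mysql` account name and the choice of the `[mysqld]` `user` option as the sign of "run as root" are assumptions of this example.

```python
import os
import stat


def audit_mycnf(path, mysql_uid):
    """Return a list of findings for one MySQL option file.

    mysql_uid: numeric uid of the account the server writes files as
    (supplied by the caller; an assumption of this example).
    """
    findings = []
    st = os.stat(path)
    mode = stat.S_IMODE(st.st_mode)
    if mode & stat.S_IWOTH:
        findings.append("world-writable")
    if st.st_uid == mysql_uid and mode & stat.S_IWUSR:
        findings.append("writable-by-mysql-account")

    section = None
    with open(path, encoding="utf-8", errors="replace") as fh:
        for raw in fh:
            line = raw.strip()
            if not line or line[0] in "#;":
                continue  # blank line or comment
            if line.startswith("[") and line.endswith("]"):
                section = line[1:-1].strip().lower()
                continue
            key, _, value = line.partition("=")
            value = value.split("#", 1)[0].strip().strip("'\"").lower()
            if section == "mysqld" and key.strip().lower() == "user" \
                    and value == "root":
                findings.append("mysqld-runs-as-root")
    return findings


if __name__ == "__main__":
    import pwd
    import sys

    uid = pwd.getpwnam("mysql").pw_uid  # assumed service account name
    for p in sys.argv[1:]:
        print(p, audit_mycnf(p, uid) or "ok")
```

Run it with the paths of the option files the server reads; any finding other than `ok` means the file does not meet the workaround.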