DBD::mysql::st execute failed: Incorrect usage of DB GRANT and GLOBAL PRIVILEGES at /tmp/cve-2012-5611 line 11.
DBD::mysql::st execute failed: Incorrect usage of DB GRANT and GLOBAL PRIVILEGES at /tmp/cve-2012-5611 line 11
Mysqld did not crash however the user was still created absent grants:
---
mysql> show grants for 'user'@'%';
+-----------------------------------------------------------------------------------------------------+
| Grants for user@% |
+-----------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'user'@'%' IDENTIFIED BY PASSWORD '*' |
+-----------------------------------------------------------------------------------------------------+
1 row in set (0.00 sec)
---
FWIW:
Testing on PS 5.5.34-32 x86_64 (Fedora 19 x86_64)
p.o.c. code: http:// www.exploit- db.com/ exploits/ 23075/ and tested.
This yeilded the following result:
DBD::mysql::st execute failed: Incorrect usage of DB GRANT and GLOBAL PRIVILEGES at /tmp/cve-2012-5611 line 11.
DBD::mysql::st execute failed: Incorrect usage of DB GRANT and GLOBAL PRIVILEGES at /tmp/cve-2012-5611 line 11
Mysqld did not crash however the user was still created absent grants:
--- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ----+ ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ----+ ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ----+
mysql> show grants for 'user'@'%';
+------
| Grants for user@% |
+------
| GRANT USAGE ON *.* TO 'user'@'%' IDENTIFIED BY PASSWORD '*' |
+------
1 row in set (0.00 sec)
---