Posted by Mark Koek on Sep 15

Well, ‘remote root’… The PoC asks for a working MySQL user name and
password.

And I don’t really get how that account can re-set the logfile location
without SUPER privileges?

Am I wrong in thinking that this is really “just” a MySQL admin -> root
privilege escalation? Don’t get me wrong, still a very nice exploit, but…

Mark