CVE-2019-11660

Privileges manipulation in Micro Focus Data Protector, versions 10.00, 10.01, 10.02, 10.03, 10.04, 10.10, 10.20, 10.30, 10.40. This vulnerability could be exploited by a low-privileged user to execute a custom binary with higher privileges...

Micro Focus (HPE) Data Protector - SUID Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Micro Focus HPE Data Protector SUID Privilege Escalation', 'Description' = %q This module exploits the trusted $PATH environment variable of the...

CVE-2019-11660

creationtimestamp| type| source ---|---|--- 2019-11-01 08:08:12+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/local/omniresolvesuidprivesc.rb 2019-11-04 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/47580 2025-02-06 03:13:43+00:00|...

Micro Focus (HPE) Data Protector SUID Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Micro Focus HPE Data Protector SUID Privilege Escalation', 'Description' = %q This module exploits the trusted $PATH environment variable of the...

CVE-2019-11660

Privileges manipulation in Micro Focus Data Protector, versions 10.00, 10.01, 10.02, 10.03, 10.04, 10.10, 10.20, 10.30, 10.40. This vulnerability could be exploited by a low-privileged user to execute a custom binary with higher privileges...

CVE-2019-11660

CVE-2019-11660 affects Micro Focus Data Protector (versions 10.00–10.40). A low-privilege user can abuse the SUID binary omniresolve, which calls oracleasm via a relative path using a trusted PATH, to execute a custom binary with root privileges. Impact is local privilege escalation (affecting co...