48 matches found
Centrify Deployment Manager 2.1.0.283 Local Root
/Local root exploit for Centrify Deployment Manager v2.1.0.283 local root, Centrify released a fix very quickly - nice vendor response. CVE-2012-6348 12/17/2012 http://vapid.dhs.org/advisories/centrifydeploymentmanagerinsecuretmp2.html Greetings vladz, Thanks for the inotify & syscall technique...
Centrify Deployment Manager v2.1.0.283 local root
Centrify Deployment Manager v2.1.0.283 local root 12/7/2012 Taking a little longer look at the software, I managed to win a race condition and get root with files in /tmp. Here is my analysis: root@h0g:/tmp ls -l /etc/shadow -r-------- 1 root shadow 1010 Dec 7 21:42 /etc/shadow root@h0g:/tmp...
Centrify Deployment Manager 2.1.0.283 - Local Privilege Escalation
Centrify Deployment Manager v2.1.0.283 local root 12/7/2012 Taking a little longer look at the software, I managed to win a race condition and get root with files in /tmp. Here is my analysis: root@h0g:/tmp ls -l /etc/shadow -r-------- 1 root shadow 1010 Dec 7 21:42 /etc/shadow root@h0g:/tmp...
Centrify Deployment Manager v2.1.0.283
Centrify Deployment Manager v2.1.0.283 While at a training session for centrify, I noticed poor handling of files in /tmp. I was able to overwrite /etc/shadow with the contents of adcheckDMoutput. I am sure there are more vulnerabilities to be exploit, maybe a local root - but being this is a...
Centrify Deployment Manager 2.1.0.283 - Local Privilege Escalation
Centrify Deployment Manager 2.1.0.283 - Local Privilege Escalation Centrify Deployment Manager v2.1.0.283 local root 12/7/2012 Taking a little longer look at the software, I managed to win a race condition and get root with files in /tmp. Here is my analysis: root@h0g:/tmp ls -l /etc/shadow...
Centrify Deployment Manager 2.1.0.283 Local Root Vulnerability
Centrify Deployment Manager version 2.1.0.283 suffers from a race condition in /tmp that allows for local root privilege escalation. Centrify Deployment Manager v2.1.0.283 local root 12/7/2012 Taking a little longer look at the software, I managed to win a race condition and get root with files i...
Centrify Deployment Manager 2.1.0.283 Local Root
Centrify Deployment Manager v2.1.0.283 local root 12/7/2012 Taking a little longer look at the software, I managed to win a race condition and get root with files in /tmp. Here is my analysis: root@h0g:/tmp ls -l /etc/shadow -r-------- 1 root shadow 1010 Dec 7 21:42 /etc/shadow root@h0g:/tmp...
Centrify Deployment Manager v2.1.0.283 File Overwrite Vulnerability
Centrify Deployment Manager v2.1.0.283 version 2.1.0.283 appears to suffer from a root-level file overwrite vulnerability due to an insecure use of /tmp. Centrify Deployment Manager v2.1.0.283 While at a training session for centrify, I noticed poor handling of files in /tmp. I was able to...