Exploit for Improper Initialization in Linux Linux_Kernel

CVE-2022-0847 / Dirty Pipe Hacked up Dirty Pipe CVE-2022-0847...

Dirty Pipe Local Privilege Escalation via CVE-2022-0847

This exploit targets a vulnerability in the Linux kernel since 5.8, that allows writing of read only or immutable memory. The vulnerability was fixed in Linux 5.16.11, 5.15.25 and 5.10.102. The module exploits this vulnerability by overwriting a suid binary with the payload, executing it, and the...

Dirty Pipe Local Privilege Escalation Exploit

This Metasploit module exploits a vulnerability that has been in the Linux kernel since version 5.8. It allows writing of read only or immutable memory. The vulnerability was fixed in Linux 5.16.11, 5.15.25 and 5.10.102. The module exploits this vulnerability by overwriting a suid binary with the...

Dirty Pipe Local Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Dirty Pipe Local Privilege Escalation via CVE-2022-0847', 'Description' = %q This exploit targets a vulnerability in the Linux kernel since 5.8,...

Dirty Pipe SUID Binary Hijack Privilege Escalation Exploit

Variant proof of concept exploit for the Dirty Pipe file overwrite vulnerability. This version hijacks a SUID binary to spawn a root shell. // // dirtypipez.c // // hacked up Dirty Pipe CVE-2022-0847 PoC that hijacks a SUID binary to spawn // a root shell. and attempts to restore the damaged bina...

CVE-2022-24408

A vulnerability has been identified in SINUMERIK MC All versions V1.15 SP1, SINUMERIK ONE All versions V6.15 SP1. The sc SUID binary on affected devices provides several commands that are used to execute system commands or modify system files. A specific set of operations using sc could allow loc...

Design/Logic Flaw

A vulnerability has been identified in SINUMERIK MC All versions V1.15 SP1, SINUMERIK ONE All versions V6.15 SP1. The sc SUID binary on affected devices provides several commands that are used to execute system commands or modify system files. A specific set of operations using sc could allow loc...

CVE-2021-3864

A flaw was found in the way the dumpable flag setting was handled when certain SUID binaries executed its descendants. The prerequisite is a SUID binary that sets real UID equal to effective UID, and real GID equal to effective GID. The descendant will then have a dumpable value set to 1. As a...

EulerOS 2.0 SP8 : systemd (EulerOS-SA-2019-1661)

According to the versions of the systemd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which...

CVE-2019-3844

Summary (CVE-2019-3844): Affected component is systemd with DynamicUser; a local attacker can create SUID/SGID binaries and gain access to resources owned by a potentially different service after the transient UID/GID is recycled. This is a local privilege escalation vulnerability. Remediation fo...

F5 Networks BIG-IP : Linux kernel vulnerability (K20934447)

An integer overflow flaw was found in the Linux kernel's createelftables function. An unprivileged local user with access to SUID or otherwise privileged binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable...

Privilege Escalation

Linux kernel is vulnerable to privilege escalation. An integer overflow in the createelftables function allows an unprivileged local user with access to SUID binary to escalate their privileges on the system...

Directory traversal

log-user-session version 0.7 and earlier contains a Directory Traversal vulnerability in Main SUID-binary /usr/local/bin/log-user-session that can result in User to root privilege escalation. This attack appear to be exploitable via Malicious unprivileged user executes the vulnerable binary/remot...

CVE-2018-1000857

CVE-2018-1000857 affects log-user-session version 0.7 and earlier. The vulnerability is a Directory Traversal in the Main SUID-binary /usr/local/bin/log-user-session that can escalate a non-privileged user to root. Exploitation is described as possible by executing the vulnerable binary from an u...

CVE-2018-1000857

log-user-session version 0.7 and earlier contains a Directory Traversal vulnerability in Main SUID-binary /usr/local/bin/log-user-session that can result in User to root privilege escalation. This attack appear to be exploitable via Malicious unprivileged user executes the vulnerable binary/remot...

CVE-2018-18629

An issue was discovered in the Keybase command-line client before 2.8.0-20181023124437 for Linux. An untrusted search path vulnerability in the keybase-redirector application allows a local, unprivileged user on Linux to gain root privileges via a Trojan horse binary. Recent assessments: bulw4rk ...

CVE-2018-18860

A local privilege escalation vulnerability has been identified in the SwitchVPN client 2.1012.03 for macOS. Due to over-permissive configuration settings and a SUID binary, an attacker is able to execute arbitrary binaries as root...

Privilege escalation

A local privilege escalation vulnerability has been identified in the SwitchVPN client 2.1012.03 for macOS. Due to over-permissive configuration settings and a SUID binary, an attacker is able to execute arbitrary binaries as root...

CVE-2018-18860

A local privilege escalation vulnerability has been identified in the SwitchVPN client 2.1012.03 for macOS. Due to over-permissive configuration settings and a SUID binary, an attacker is able to execute arbitrary binaries as root...

CVE-2018-18860

CVE-2018-18860 affects the SwitchVPN for macOS client (v2.1012.03). The local privilege escalation stems from over-permissive configuration and a SUID binary, enabling an attacker to run arbitrary binaries as root. Documents provide no reported fix version or official remediation within the suppl...