Overland Guardian OS 5.1.041 - Local Privilege Escalation
| EKU-ID: 17636 | CVE: CVE-2009-4607;OSVDB-61789 | OSVDB-ID: |
| Author: trompele | Published: 2009-10-20 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 17636 | CVE: CVE-2009-4607;OSVDB-61789 | OSVDB-ID: |
| Author: trompele | Published: 2009-10-20 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
Device: Snap Server 410 OS: GuardianOS 5.1.041 Description: When logged in to CLI via ssh as admin (uid=1) you can escalate your privileges to uid 0 and get /bin/sh. In order to achieve this open 'less' which is available as default for viewing files (ie. less /tmp/top.log) and type in '!/bin/sh'. This will give you direct access to sh shell with UID 0. Tested only on OS version as above.