exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

CVE-2013-2171

Status Candidate

Overview

The vm_map_lookup function in sys/vm/vm_map.c in the mmap implementation in the kernel in FreeBSD 9.0 through 9.1-RELEASE-p4 does not properly determine whether a task should have write access to a memory location, which allows local users to bypass filesystem write permissions and consequently gain privileges via a crafted application that leverages read permissions, and makes mmap and ptrace system calls.

Related Files

FreeBSD 9 Address Space Manipulation Privilege Escalation
Posted Jun 26, 2013
Authored by Alan Cox, Hunger, sinn3r, Konstantin Belousov | Site metasploit.com

This Metasploit module exploits a vulnerability that can be used to modify portions of a process's address space, which may lead to privilege escalation. Systems such as FreeBSD 9.0 and 9.1 are known to be vulnerable.

tags | exploit
systems | freebsd
advisories | CVE-2013-2171, OSVDB-94414
SHA-256 | 9d8c78182da26e1da3cf3977d1da297ce969b5376665d620df728cbdcad3f431
Debian Security Advisory 2714-1
Posted Jun 26, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2714-1 - Konstantin Belousov and Alan Cox discovered that insufficient permission checks in the memory management of the FreeBSD kernel could lead to privilege escalation.

tags | advisory, kernel
systems | linux, freebsd, debian
advisories | CVE-2013-2171
SHA-256 | 26e535e94e7f71003a1fffd0d098d7f8d670f7c87a3b3313885b7e81b305b395
FreeBSD 9.0+ Privilege Escalation
Posted Jun 22, 2013
Authored by SynQ

FreeBSD 9.0+ privilege escalation exploit that leverages the mmap vulnerability.

tags | exploit
systems | freebsd
advisories | CVE-2013-2171
SHA-256 | a973c83e5edcbbb9daa0f1ee93d7602a34fc84b380f80b2f787c0b16ff88417a
FreeBSD 9.0 / 9.1 mmap/ptrace Exploit
Posted Jun 19, 2013
Authored by Hunger

FreeBSD versions 9.0 and 9.1 mmap/ptrace privilege escalation exploit that leverages the issue described in FreeBSD-SA-13:06.

tags | exploit
systems | freebsd
advisories | CVE-2013-2171
SHA-256 | 33ab3cd2db81ca119a894609c3cbec29fc118789f6df44a99945d5cda231b71c
FreeBSD mmap Privilege Escalation
Posted Jun 19, 2013
Authored by _hugsy_

This exploits performs privilege escalation leveraging the mmap vulnerability in FreeBSD 9.1 as described in FreeBSD-SA-13:06.

tags | exploit
systems | freebsd
advisories | CVE-2013-2171
SHA-256 | f4335d5441b706cb24ce9fb6b71366091edddbb0838d83d2cd1b69a4edab8fdf
FreeBSD Security Advisory - mmap Privilege Escalation
Posted Jun 18, 2013
Site security.freebsd.org

FreeBSD Security Advisory - Due to insufficient permission checks in the virtual memory system, a tracing process (such as a debugger) may be able to modify portions of the traced process's address space to which the traced process itself does not have write access. This error can be exploited to allow unauthorized modification of an arbitrary file to which the attacker has read access, but not write access. Depending on the file and the nature of the modifications, this can result in privilege escalation. To exploit this vulnerability, an attacker must be able to run arbitrary code with user privileges on the target system.

tags | advisory, arbitrary
systems | freebsd
advisories | CVE-2013-2171
SHA-256 | 46c9d0684ffdd8c4787e60e14015a9e757b66b443d2622296e77fbdbc855860a
Page 1 of 1
Back1Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    21 Files
  • 12
    Sep 12th
    40 Files
  • 13
    Sep 13th
    18 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    21 Files
  • 17
    Sep 17th
    51 Files
  • 18
    Sep 18th
    23 Files
  • 19
    Sep 19th
    48 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close