Showing 1 - 1 of 1

CVE-2015-5699

Status Candidate

Overview

The Switch Configuration Tools Backend (clcmd_server) in Cumulus Linux 2.5.3 and earlier allows local users to execute arbitrary commands via shell metacharacters in a cl-rctl command label.

Related Files

Cumulus Linux 2.5.3 Privilege Escalation: Posted Aug 18, 2015; Authored by Gregory Pickett | Site hellfiresecurity.com; Cumulus Linux's Switch Configuration Tools Backend, clcmd_server, is vulnerable to local privilege escalation via command injection. Cumulus Linux's clcmd_server, when receiving commands that end in user supplied labels, will execute any other command appended to the end of it whether it is in the Rosetta or not. And it will do so using its own running credentials which are root. Versions 2.5.3 and earlier are affected.; tags | exploit, local, root; systems | linux; advisories | CVE-2015-5699; SHA-256 | a1fb04f6cf34bae2b04ccf1d59b164a1842267b7fa3db86f1b9bd93597c10072; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 244 files
Ubuntu 86 files
Gentoo 31 files
Debian 17 files
tmrswrr 8 files
Sina Kheirkhah 7 files
indoushka 5 files
Rodolfo Tavares 4 files
nu11secur1ty 3 files
bRpsd 3 files

File Archives

Systems

AIX (429)
Apple (2,090)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,082)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,531)
HPUX (880)
iOS (376)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,456)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,351)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,673)
UNIX (9,429)
UnixWare (187)
Windows (6,667)
Other

CVE-2015-5699

Overview

Related Files

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems