Rixstep Undercover Local Privilege Escalation Vulnerability
BID:22071
Info
Rixstep Undercover Local Privilege Escalation Vulnerability
| Bugtraq ID: | 22071 |
| Class: | Design Error |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | Jan 15 2007 12:00AM |
| Updated: | Jan 18 2007 12:02AM |
| Credit: | Rixstep Pwned reported this issue. |
| Vulnerable: |
Rixstep Undercover 0 |
| Not Vulnerable: | |
Discussion
Rixstep Undercover Local Privilege Escalation Vulnerability
Rixstep Undercover is prone to a local privilege-escalation vulnerability because of a design error in the affected application.
An attacker can exploit this issue to execute arbitrary code with superuser privileges, completely compromising affected computers. Failed exploit attempts will result in a denial of service.
Rixstep Undercover is prone to a local privilege-escalation vulnerability because of a design error in the affected application.
An attacker can exploit this issue to execute arbitrary code with superuser privileges, completely compromising affected computers. Failed exploit attempts will result in a denial of service.
Exploit / POC
Rixstep Undercover Local Privilege Escalation Vulnerability
The following exploit code is available:
The following exploit code is available:
Solution / Fix
Rixstep Undercover Local Privilege Escalation Vulnerability
Solution:
The vendor reports they have addressed this issue in the latest version of the application. Please contact the vendor for more information.
Solution:
The vendor reports they have addressed this issue in the latest version of the application. Please contact the vendor for more information.
References
Rixstep Undercover Local Privilege Escalation Vulnerability
References:
References:
- [Full-disclosure] Rixstep aren't as leet as they thought they were (Rixstep Pwned)
- The Technological �?? 20070115,02 (Rixstep)
- Undercover Homepage (Rixstep)