ScramDisk 4 Linux Local Privilege Escalation Vulnerabilities
BID:23495
Info
ScramDisk 4 Linux Local Privilege Escalation Vulnerabilities
| Bugtraq ID: | 23495 |
| Class: | Design Error |
| CVE: |
CVE-2007-2075 CVE-2007-2074 |
| Remote: | No |
| Local: | Yes |
| Published: | Apr 16 2007 12:00AM |
| Updated: | Jul 06 2016 02:39PM |
| Credit: | The vendor disclosed these issues. |
| Vulnerable: |
ScramDisk 4 Linux ScramDisk 4 Linux 1.0-0 ScramDisk 4 Linux ScramDisk 4 Linux 0.9-1 |
| Not Vulnerable: |
ScramDisk 4 Linux ScramDisk 4 Linux 1.0-1 |
Discussion
ScramDisk 4 Linux Local Privilege Escalation Vulnerabilities
ScramDisk is prone to multiple local privilege-escalation vulnerabilities.
Exploiting these issues allows local attackers to attain superuser privileges, which can lead to a complete system compromise.
These issues affect versions prior to 1.0-1.
ScramDisk is prone to multiple local privilege-escalation vulnerabilities.
Exploiting these issues allows local attackers to attain superuser privileges, which can lead to a complete system compromise.
These issues affect versions prior to 1.0-1.
Exploit / POC
ScramDisk 4 Linux Local Privilege Escalation Vulnerabilities
The attacker uses the vulnerable application itself to exploit this issue.
The attacker uses the vulnerable application itself to exploit this issue.
Solution / Fix
ScramDisk 4 Linux Local Privilege Escalation Vulnerabilities
Solution:
The vendor has released version 1.0-1 to address these issues.
ScramDisk 4 Linux ScramDisk 4 Linux 0.9-1
ScramDisk 4 Linux ScramDisk 4 Linux 1.0-0
Solution:
The vendor has released version 1.0-1 to address these issues.
ScramDisk 4 Linux ScramDisk 4 Linux 0.9-1
-
ScramDisk 4 Linux ScramDisk_1.0-1.tar.gz
http://downloads.sourceforge.net/sd4l/ScramDisk_1.0-1.tar.gz?modtime=1 176648127&big_mirror=0
ScramDisk 4 Linux ScramDisk 4 Linux 1.0-0
-
ScramDisk 4 Linux ScramDisk_1.0-1.tar.gz
http://downloads.sourceforge.net/sd4l/ScramDisk_1.0-1.tar.gz?modtime=1 176648127&big_mirror=0
References
ScramDisk 4 Linux Local Privilege Escalation Vulnerabilities
References:
References:
- [ 1696777 ] Disable SUID root programs in containers (ScramDisk 4 Linux)
- [ 1696780 ] Disable mounting over system directories (ScramDisk 4 Linux)
- ScramDisk 4 Linux Project Page (ScramDisk 4 Linux)