ChironFS File Creation Local Privilege Escalation Vulnerability
BID:25780
Info
ChironFS File Creation Local Privilege Escalation Vulnerability
| Bugtraq ID: | 25780 |
| Class: | Design Error |
| CVE: |
CVE-2007-5101 |
| Remote: | No |
| Local: | Yes |
| Published: | Sep 24 2007 12:00AM |
| Updated: | May 07 2015 05:35PM |
| Credit: | Neal Becker is credited with the discovery of this vulnerability. |
| Vulnerable: |
ChironFS ChironFS 1.0 RC6 |
| Not Vulnerable: |
ChironFS ChironFS 1.0 RC7 |
Discussion
ChironFS File Creation Local Privilege Escalation Vulnerability
ChironFS is prone to a local privilege-escalation vulnerability.
An attacker could exploit this issue to execute arbitrary code with privileges of the user who mounted the filesystem.
This issue affects versions prior to ChironFS 1.0 RC7.
ChironFS is prone to a local privilege-escalation vulnerability.
An attacker could exploit this issue to execute arbitrary code with privileges of the user who mounted the filesystem.
This issue affects versions prior to ChironFS 1.0 RC7.
Exploit / POC
ChironFS File Creation Local Privilege Escalation Vulnerability
A specific exploit is not required. An attacker simply has to gain local interactive access to an affected computer.
A specific exploit is not required. An attacker simply has to gain local interactive access to an affected computer.
Solution / Fix
ChironFS File Creation Local Privilege Escalation Vulnerability
Solution:
The vendor released an update to address this issue. Please see the references for more information.
ChironFS ChironFS 1.0 RC6
Solution:
The vendor released an update to address this issue. Please see the references for more information.
ChironFS ChironFS 1.0 RC6
-
ChironFS chironfs-1.0-RC7.tar.gz
http://chironfs.googlecode.com/files/chironfs-1.0-RC7.tar.gz
References
ChironFS File Creation Local Privilege Escalation Vulnerability
References:
References:
- ChironFS 1.0 RC7 Changelog (ChironFS)
- ChironFS Hompage (ChironFS)