Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2073

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2004-2073
Last Modified 05 Sep 2008 04:43:07
Published 06 Feb 2004 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2004-2073

Summary

Linux-VServer 1.24 allows local users with root privileges on a virtual server to gain access to the filesystem outside the virtual server via a modified chroot-again exploit using the chmod command.

Vulnerable Systems


References

CONFIRM - http://www.linux-vserver.org/index.php?page=ChangeLog

XF - linux-vserver-gain-privileges(15073)

BID - 9596

BUGTRAQ - 20040206 Linux 2.4.24 with vserver 1.24 exploit

OSVDB - 3875

SECUNIA - 10816


Last Updated: 27 May 2016 10:39:20