vendor:
by:
chaignc, bcoles
7.5
CVSS
HIGH
Privilege Escalation
269
CWE
Product Name:
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: No
Related CWE:
CPE:
Platforms Tested: Linux
2019
ptrace Sudo Token Privilege Escalation
This module attempts to gain root privileges by blindly injecting into the session user's running shell processes and executing commands by calling `system()`, in the hope that the process has valid cached sudo tokens with root privileges. The system must have gdb installed and permit ptrace. This module has been tested successfully on Debian 9.8 (x64) and CentOS 7.4.1708 (x64).
Mitigation:
Update the system to a version where the vulnerability is fixed. Disable ptrace or configure it to restrict its usage.
