Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wp-pagenavi domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u918112125/domains/exploit.company/public_html/wp-includes/functions.php on line 6114
Local Privilege Escalation in OProfile - exploit.company
header-logo
Suggest Exploit
vendor:
OProfile
by:
7.5
CVSS
HIGH
Privilege Escalation
269
CWE
Product Name: OProfile
Affected Version From: All versions of OProfile
Affected Version To:
Patch Exists: NO
Related CWE:
CPE: a:oprofile_project:oprofile
Metasploit:
Other Scripts:
Platforms Tested: Linux

Local Privilege Escalation in OProfile

The OProfile tool is vulnerable to a local privilege escalation vulnerability. An attacker can exploit this vulnerability to execute arbitrary commands with superuser privileges. By using a specially crafted command, an attacker can run arbitrary commands with elevated privileges.

Mitigation:

It is recommended to update to the latest version of OProfile to mitigate this vulnerability. Additionally, users should ensure that proper access controls are in place to restrict unauthorized access to the affected system.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/47652/info

OProfile is prone to a local privilege-escalation vulnerability.

An attacker can exploit this issue to run arbitrary commands with superuser privileges. 

The following example command is available:

sudo opcontrol -e "abcd;/usr/bin/id"

Navigation

Suggest Exploit

Services By CQR