Root Exploit for FreeBSD-SA-19:02.fd by Secfault Security

vendor:

FreeBSD

by:

Karsten König

7.5

CVSS

HIGH

119

CWE

Product Name: FreeBSD

Affected Version From: FreeBSD 11.2-RELEASE

Affected Version To: FreeBSD 11.2-RELEASE-p10

Patch Exists: YES

Related CWE: CVE-2019-5599

CPE: o:freebsd:freebsd

Metasploit: https://www.rapid7.com/db/vulnerabilities/pulse-secure-pulse-connect-secure-cve-2019-5599/, https://www.rapid7.com/db/vulnerabilities/panos-cve-2019-5599/, https://www.rapid7.com/db/vulnerabilities/freebsd-cve-2019-5599/

Other Scripts: N/A

Platforms Tested: FreeBSD

2019

Root Exploit for FreeBSD-SA-19:02.fd by Secfault Security

This exploit script is for FreeBSD-SA-19:02.fd vulnerability. It is written by Karsten König of Secfault Security. It uses libmap.conf primitive inspired by kcope's 2005 exploit for Qpopper. It creates a thread and forks to exploit the vulnerability.

Mitigation:

Update the system to the latest version of FreeBSD.

Source

Root Exploit for FreeBSD-SA-19:02.fd by Secfault Security

Mitigation:

Exploit-DB raw data: