Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.2
CVSSv2

CVE-2007-0257

Published: 16/01/2007 Updated: 11/04/2024
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
VMScore: 725
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Grsecurity

Vulnerability Summary

Unspecified vulnerability in the expand_stack function in grsecurity PaX allows local users to gain privileges via unspecified vectors. NOTE: the grsecurity developer has disputed this issue, stating that "the function they claim the vulnerability to be in is a trivial function, which can, and has been, easily checked for any supposed vulnerabilities." The developer also cites a past disclosure that was not proven. As of 20070120, the original researcher has released demonstration code

Vulnerable Product Search on Vulmon Subscribe to Product

grsecurity grsecurity kernel patch 2.0.1

grsecurity grsecurity kernel patch 2.1.5

grsecurity grsecurity kernel patch 2.1.1

grsecurity grsecurity kernel patch 2.1.7

grsecurity grsecurity kernel patch 2.1.8

grsecurity grsecurity kernel patch 2.1.2

grsecurity grsecurity kernel patch 1.9.4

grsecurity grsecurity kernel patch 2.1.4

grsecurity grsecurity kernel patch 2.1.3

grsecurity grsecurity kernel patch 2.1.0

grsecurity grsecurity kernel patch 2.0.2

grsecurity grsecurity kernel patch 2.1.6

Exploits

Exploit DB: Grsecurity Kernel PaX - Local Privilege Escalation
/* source: wwwsecurityfocuscom/bid/22014/info Grsecurity Kernel PaX is prone to a local privilege-escalation vulnerability An attacker can exploit this issue to obtain superuser privileges A successful attack can result in the complete compromise of the affected computer NOTE: The vendor disputes the issue, stating that the applicat ...

References

NVD-CWE-Otherhttp://forums.grsecurity.net/viewtopic.php?t=1646http://www.digitalarmaments.com/news_news.shtmlhttp://www.digitalarmaments.com/pre2007-00018659.htmlhttp://www.securityfocus.com/bid/22014http://secunia.com/advisories/23713http://grsecurity.net/news.php#digitalfudhttp://securitytracker.com/id?1017509http://osvdb.org/32727http://www.vupen.com/english/advisories/2007/0155http://www.securityfocus.com/archive/1/462302/100/100/threadedhttp://www.securityfocus.com/archive/1/457509/100/0/threadedhttp://www.securityfocus.com/archive/1/456722/100/0/threadedhttp://www.securityfocus.com/archive/1/456626/100/0/threadedhttps://nvd.nist.govhttps://www.exploit-db.com/exploits/29446/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-34377CVE-2024-20859CVE-2023-49606injectarbitrary CVE-2024-33788CVE-2024-30973IDORCVE-2024-33907
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook