CVE-2013-4362

Published: 30/09/2013 Updated: 01/07/2017
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
VMScore: 725
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

WEB-DAV Linux File System (davfs2) 1.4.6 and 1.4.7 allow local users to gain privileges via unknown attack vectors in (1) kernel_interface.c and (2) mount_davfs.c, related to the "system" function.

Vulnerable Product

werner baumann davfs2 1.4.6

werner baumann davfs2 1.4.7

Vendor Advisories

Debian Bug report logs - #723034 davfs2: CVE-2013-4362: Unsecure use of system()
Package: davfs2; Maintainer for davfs2 is Luciano Bello <luciano@debian.org>; Source for davfs2 is src:davfs2
Reported by: Werner Baumann <werner.baumann@onlinehome.de>
Date: Sun, 15 Sep 2013 16:33:02 UTC
Severity: ...

Davfs2, a filesystem client for WebDAV, calls the function system() insecurely while it is setuid root. This might allow a privilege escalation. For the oldstable distribution (squeeze), this problem has been fixed in version 1.4.6-1.1+squeeze1. For the stable distribution (wheezy), this problem has been fixed in version 1.4.6-1.1+deb7u1. For the test ...

Exploits

davfs2 1.4.6/1.4.7 local privilege escalation exploit

*Bug Description*: davfs2 is a Linux utility which allows OS users to mount a remote webdav server as a local partition. The bug is well documented at bugs.debian.org/cgi-bin/bugreport.cgi?bug=723034. Basically the program "mount.davfs" runs as root with setuid and executes some calls t ...

Github Repositories

Automatic-davfs2-146-147-Local-Privilege-Escalation

Automatically exploit systems with vulnerable davfs2 (CVE-2013-4362)

WHAT IS THIS FOR?
Just two sh scripts to simplify the exploitation of davfs2 with vulnerable versions.

Prerequisites
At least one of the modules 'fuse' or 'coda' must not be loaded into the kernel (The PoC works with coda which is not loa