This Metasploit module is an exploit that takes advantage of xglance-bin, part of HP's Glance (or Performance Monitoring) version 11 and subsequent, which was compiled with an insecure RPATH option The RPATH includes a relative path to -L/lib64/ which can be controlled by a user Creating libraries in this location will result in an escalation of ...
It has been identified that binaries that are executed with elevated privileges (SetGID and SetUID programs) in Compaq/HP's Glance for Linux have been compiled in manner that means they searched for libraries in insecure locations Versions 1100 and below are affected ...
perf-exploiter (CVE-2014-2630)
In one of our recent penetration tests we have abused a vulnerability affecting a suid binary called "xglance-bin" Part of HP Performance Monitoring solution, it allowed us to escalate our local unprivileged sessions on some Linux RHEL 7x/8x systems to root To be very honest, it was not the first time we leveraged that specific vulne