Published: 17/06/2019 Updated: 30/01/2023

CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 666

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

A privilege escalation vulnerability exists in SolarWinds Serv-U prior to 15.1.7 for Linux.

Vulnerable Product	Search on Vulmon	Subscribe to Product
solarwinds serv-u mft server
solarwinds serv-u ftp server

#!/bin/bash # SUroot - Local root exploit for Serv-U FTP Server versions prior to 1517 (CVE-2019-12181) # Bash variant of Guy Levin's Serv-U FTP Server exploit: # - githubcom/guywhataguy/CVE-2019-12181 # --- # user@debian-9-6-0-x64-xfce:~/Desktop$ /SUroot # [*] Launching Serv-U # sh: 1: : Permission denied # [+] Success: # -rwsr-xr ...

/* CVE-2019-12181 Serv-U 1516 Privilege Escalation vulnerability found by: Guy Levin (@va_start - twittercom/va_start) blogvastartdev to compile and run: gcc servu-pe-cve-2019-12181c -o pe && /pe */ #include <stdioh> #include <unistdh> #include <errnoh> int main() { char *vuln_args[] = { ...

## # This module requires Metasploit: metasploitcom/download # Current source: githubcom/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Local Rank = ExcellentRanking include Msf::Post::File include Msf::Post::Linux::Kernel include Msf::Post::Linux::Priv include Msf::Post::Linux::System inclu ...

Serv-U FTP Server version 1516 suffers from a local privilege escalation vulnerability ...

This Metasploit module attempts to gain root privileges on systems running Serv-U FTP Server versions prior to 1517 The Serv-U executable is setuid root, and uses ARGV[0] in a call to system(), without validation, when invoked with the -prepareinstallation flag, resulting in command execution with root privileges This module has been tested suc ...

LPE Exploit For CVE-2019-12181 (Serv-U FTP 15.1.6)

CVE-2019-12181 LPE Exploit For CVE-2019-12181 (Serv-U FTP 1516)

Resolução dos desafios do Beco do XPL - 30 Máquinas em 30 dias

--VM-- desafio 1 - wwwvulnhubcom/entry/hacker-fest-2019,378/ desafio 2 - pentesterlabcom/exercises/s2-052/course desafio 3 - wwwvulnhubcom/entry/droopy-v02,143/ desafio 4 - wwwvulnhubcom/entry/digitalworldlocal-joy,298/ desafio 5 - wwwvulnhubcom/entry/violator-1,153/ desafio 6 - wwwvulnhubcom/entry/w1r3s-101,220/

CWE-78 https://documentation.solarwinds.com/en/success_center/servu/Content/Release_Notes/Servu_15-1-7_release_notes.htm https://support.solarwinds.com/SuccessCenter/s/article/Serv-U-Potential-elevation-of-privileges-on-Linux-systems http://packetstormsecurity.com/files/153333/Serv-U-FTP-Server-15.1.6-Privilege-Escalation.html https://blog.vastart.dev/2019/06/cve-2019-12181-serv-u-exploit-writeup.html http://packetstormsecurity.com/files/153505/Serv-U-FTP-Server-prepareinstallation-Privilege-Escalation.html https://nvd.nist.gov https://github.com/guywhataguy/CVE-2019-12181 https://www.exploit-db.com/exploits/47173

CVE-2019-12181

Vulnerability Summary

Vulnerability Trend

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect