##
# This module requires Metasploit: metasploitcom/download
# Current source: githubcom/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Exploit::Local
Rank = ExcellentRanking
include Msf::Post::File
include Msf::Post::Linux::Kernel
include Msf::Post::Linux::Priv
include Msf::Post::Linux::System
inclu ...
This Metasploit module attempts to gain root privileges on systems running Serv-U FTP Server versions prior to 1517 The Serv-U executable is setuid root, and uses ARGV[0] in a call to system(), without validation, when invoked with the -prepareinstallation flag, resulting in command execution with root privileges This module has been tested suc ...