CVE-2009-2698 Linux kernel before 2.6.19拒絕服務/特權提升漏洞

From PwnWiki
Revision as of 12:06, 2 April 2021 by Pwnwiki (talk | contribs) (Created page with "==INFO== <pre> # CVE-2009-2698 CVE-2009-2698 compiled for CentOS 4.8 > https://github.com/SecWiki/linux-kernel-exploits/tree/4dca098e7491efc83903494d7c00f24c843aae99/2009/CVE-...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

INFO

# CVE-2009-2698
CVE-2009-2698 compiled for CentOS 4.8
> https://github.com/SecWiki/linux-kernel-exploits/tree/4dca098e7491efc83903494d7c00f24c843aae99/2009/CVE-2009-2698

# Detail

```
[hacker@localhost ~]$ id
uid=500(hacker) gid=500(hacker) groups=500(hacker) context=user_u:system_r:unconfined_t
[hacker@localhost ~]$ gcc 36108.c  -o exp
[hacker@localhost ~]$ ./exp
sh-3.00# id
uid=0(root) gid=0(root) groups=500(hacker) context=user_u:system_r:unconfined_t
sh-3.00# uname -an
Linux localhost.localdomain 2.6.9-89.EL #1 Mon Jun 22 12:19:40 EDT 2009 i686 i686 i386 GNU/Linux
sh-3.00# 
```

EXP

https://github.com/JustYoomoon/Exploit/blob/main/CVE-2009-2698.zip

Retrieved from "https://pwnwiki.com/index.php?title=CVE-2009-2698_Linux_kernel_before_2.6.19拒絕服務/特權提升漏洞&oldid=897"