PT-2004-2969 · Linux · Linux-Vserver

Published

2004-02-06

Updated

2017-07-11

CVE-2004-2073

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Linux-VServer version 1.24

Description The issue allows local users with root privileges on a virtual server to gain access to the filesystem outside the virtual server. This is achieved through a modified chroot-again exploit using the chmod command.

Recommendations For Linux-VServer version 1.24, consider restricting the use of the chmod command or limiting root privileges on virtual servers to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2004-2073

Affected Products

Linux-Vserver

PT-2004-2969 · Linux · Linux-Vserver

CVE-2004-2073

Related Identifiers

Affected Products

References · 8