CVE-2006-3693 - Rocks Clusters 4.1 and earlier allows local users to gain privileges via commands enclosed with esca

CVE-2006-3693

Summary

Rocks Clusters 4.1 and earlier allows local users to gain privileges via commands enclosed with escaped backticks (\`) in an argument to the (1) mount-loop (mount-loop.c) or (2) umount-loop (umount-loop.c) command, which is not filtered in a system function call.

References

Vulnerable Configurations

cpe:2.3:a:rocks_clusters:rocks_clusters:*:*:*:*:*:*:*:*
cpe:2.3:a:rocks_clusters:rocks_clusters:*:*:*:*:*:*:*:*

CVSS

Base:	4.6 (as of 18-10-2018 - 16:48)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:L/AC:L/Au:N/C:P/I:P/A:P

refmap via4

bid	19003
bugtraq	20060714 Rocks Clusters <=4.1 local root
misc	http://xavier.tigerteam.se/advisories/TSEAD-200606-6.txt http://xavier.tigerteam.se/exploits/rocksmountdirty.sh http://xavier.tigerteam.se/exploits/rocksumountdirty.py
secunia	21065
sreason	1242
vupen	ADV-2006-2833
xf	rocks-mount-umount-privilege-escalation(27758)

Last major update

18-10-2018 - 16:48

Published

21-07-2006 - 14:03

Last modified

18-10-2018 - 16:48