CVE-2007-0257
Grsecurity Kernel PaX - Local Privilege Escalation
Severity Score
7.2
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Unspecified vulnerability in the expand_stack function in grsecurity PaX allows local users to gain privileges via unspecified vectors. NOTE: the grsecurity developer has disputed this issue, stating that "the function they claim the vulnerability to be in is a trivial function, which can, and has been, easily checked for any supposed vulnerabilities." The developer also cites a past disclosure that was not proven. As of 20070120, the original researcher has released demonstration code
** DISPUTADA ** Vulnerabilidad no especificada en la función expand_stack en grsecurity PaX permite a usuarios locales obtener privilegios a través de vectores no especificados. NOTA: el desarrollador grsecurity ha disputado este problema, diciendo que 'la función donde dicen que está la vulnerabilidad es una función insignificante, que puede ser, y ha sido, fácilmente comprobada por cualquier supuesta vulnerabilidad.' El desarrollador también cita una divulgación anterior que no se probó. Desde el 20 de enero del 2007, el investigador original ha emitido código de demostración.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2006-12-18 First Exploit
- 2007-01-16 CVE Reserved
- 2007-01-16 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (14)
| URL | Tag | Source |
|---|---|---|
| http://grsecurity.net/news.php#digitalfud | X_refsource_misc | |
| http://osvdb.org/32727 | Vdb Entry | |
| http://secunia.com/advisories/23713 | Third Party Advisory | |
| http://securitytracker.com/id?1017509 | Vdb Entry | |
| http://www.securityfocus.com/archive/1/456626/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/archive/1/456722/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/archive/1/457509/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/archive/1/462302/100/100/threaded | Mailing List | |
| http://www.securityfocus.com/bid/22014 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2007/0155 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/29446 | 2006-12-18 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://forums.grsecurity.net/viewtopic.php?t=1646 | 2024-05-17 | |
| http://www.digitalarmaments.com/news_news.shtml | 2024-05-17 | |
| http://www.digitalarmaments.com/pre2007-00018659.html | 2024-05-17 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Grsecurity Search vendor "Grsecurity" | Grsecurity Kernel Patch Search vendor "Grsecurity" for product "Grsecurity Kernel Patch" | 1.9.4 Search vendor "Grsecurity" for product "Grsecurity Kernel Patch" and version "1.9.4" | - |
Affected
| ||||||
| Grsecurity Search vendor "Grsecurity" | Grsecurity Kernel Patch Search vendor "Grsecurity" for product "Grsecurity Kernel Patch" | 2.0.1 Search vendor "Grsecurity" for product "Grsecurity Kernel Patch" and version "2.0.1" | - |
Affected
| ||||||
| Grsecurity Search vendor "Grsecurity" | Grsecurity Kernel Patch Search vendor "Grsecurity" for product "Grsecurity Kernel Patch" | 2.0.2 Search vendor "Grsecurity" for product "Grsecurity Kernel Patch" and version "2.0.2" | - |
Affected
| ||||||
| Grsecurity Search vendor "Grsecurity" | Grsecurity Kernel Patch Search vendor "Grsecurity" for product "Grsecurity Kernel Patch" | 2.1.0 Search vendor "Grsecurity" for product "Grsecurity Kernel Patch" and version "2.1.0" | - |
Affected
| ||||||
| Grsecurity Search vendor "Grsecurity" | Grsecurity Kernel Patch Search vendor "Grsecurity" for product "Grsecurity Kernel Patch" | 2.1.1 Search vendor "Grsecurity" for product "Grsecurity Kernel Patch" and version "2.1.1" | - |
Affected
| ||||||
| Grsecurity Search vendor "Grsecurity" | Grsecurity Kernel Patch Search vendor "Grsecurity" for product "Grsecurity Kernel Patch" | 2.1.2 Search vendor "Grsecurity" for product "Grsecurity Kernel Patch" and version "2.1.2" | - |
Affected
| ||||||
| Grsecurity Search vendor "Grsecurity" | Grsecurity Kernel Patch Search vendor "Grsecurity" for product "Grsecurity Kernel Patch" | 2.1.3 Search vendor "Grsecurity" for product "Grsecurity Kernel Patch" and version "2.1.3" | - |
Affected
| ||||||
| Grsecurity Search vendor "Grsecurity" | Grsecurity Kernel Patch Search vendor "Grsecurity" for product "Grsecurity Kernel Patch" | 2.1.4 Search vendor "Grsecurity" for product "Grsecurity Kernel Patch" and version "2.1.4" | - |
Affected
| ||||||
| Grsecurity Search vendor "Grsecurity" | Grsecurity Kernel Patch Search vendor "Grsecurity" for product "Grsecurity Kernel Patch" | 2.1.5 Search vendor "Grsecurity" for product "Grsecurity Kernel Patch" and version "2.1.5" | - |
Affected
| ||||||
| Grsecurity Search vendor "Grsecurity" | Grsecurity Kernel Patch Search vendor "Grsecurity" for product "Grsecurity Kernel Patch" | 2.1.6 Search vendor "Grsecurity" for product "Grsecurity Kernel Patch" and version "2.1.6" | - |
Affected
| ||||||
| Grsecurity Search vendor "Grsecurity" | Grsecurity Kernel Patch Search vendor "Grsecurity" for product "Grsecurity Kernel Patch" | 2.1.7 Search vendor "Grsecurity" for product "Grsecurity Kernel Patch" and version "2.1.7" | - |
Affected
| ||||||
| Grsecurity Search vendor "Grsecurity" | Grsecurity Kernel Patch Search vendor "Grsecurity" for product "Grsecurity Kernel Patch" | 2.1.8 Search vendor "Grsecurity" for product "Grsecurity Kernel Patch" and version "2.1.8" | - |
Affected
| ||||||