CVE-2007-1189
Plan 9 Kernel - 'devenv.c OTRUNC/pwrite' Local Privilege Escalation
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
4Exploited in Wild
-Decision
Descriptions
Integer overflow in the envwrite function in the Alcatel-Lucent Bell Labs Plan 9 kernel allows local users to overwrite certain memory addresses with kernel memory via a large n argument, as demonstrated by (1) modifying the iseve function to gain privileges and (2) making the devpermcheck function grant unrestricted device permissions.
Desbordamiento de entero en la función envwrite en el kernel Alcatel-Lucent Bell Labs Plan 9 permite a un usuario local sobreescribir ciertas direcciones de memoria con la memoria kernel a través de un argumento n, como se demostró por (1) la modificación de la función iseve para ganar privilegios y (2)haciendo que la función devpermcheck conceda permisos sin restricción del dispositivo.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2007-03-02 CVE Reserved
- 2007-03-02 CVE Published
- 2024-08-07 CVE Updated
- 2024-08-07 First Exploit
- 2024-09-11 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (5)
URL | Tag | Source |
---|---|---|
http://osvdb.org/34956 | Vdb Entry |
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/3383 | 2024-08-07 | |
http://kernelspace.us/itheft.c | 2024-08-07 | |
http://lists.immunitysec.com/pipermail/dailydave/2007-February/004118.html | 2024-08-07 | |
http://www.securityfocus.com/bid/22749 | 2024-08-07 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|