[Info penting] Bug memberikan akses root ke pengguna mana pun


AsiaVM

AsiaVM

Poster 2.0
Permisi Tuan,
langsung aja nih biar pada patch di server masing2, bug terhadap semua distro linux, melaui bug ini user biasa bisa menjadi root

video demonstransi dari si pembuat

Penjelasan lengkap
blog.qualys.com

CVE-2021-4034: How PwnKit Exploits Polkit’s pkexec | Qualys

CVE-2021-4034, a PwnKit vulnerability, lets unprivileged users gain root access via pkexec. Explore its impact and how to mitigate the risk.
blog.qualys.com blog.qualys.com
www.theregister.com

Linux system service polkit has make-me-root security flaw

What happens when argc is zero and a SUID program doesn't care? Let's find out!
www.theregister.com www.theregister.com

Langsung patch begini sementara menunggu update resmi
Code: 
# chmod 0755 /usr/bin/pkexec


Example poc
Code: 
[user@centos ~]$ grep PRETTY /etc/os-release
PRETTY_NAME="CentOS Linux 7 (Core)"
[user@centos ~]$ id
uid=11000(user) gid=11000(user) groups=11000(user) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
[user@centos ~]$ gcc cve-2021-4034-poc.c -o cve-2021-4034-poc
[user@centos ~]$ ./cve-2021-4034-poc
sh-4.2# id
uid=0(root) gid=0(root) groups=0(root),11000(user) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
sh-4.2# exit
script poc: https://github.com/arthepsy/CVE-2021-4034
 
You must log in or register to reply here.
Back
Top