QwikSec

Security Database

CVE

CWE

Training

CVE-2017-6516

Published: Mar 14, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

A Local Privilege Escalation Vulnerability in MagniComp's Sysinfo before 10-H64 for Linux and UNIX platforms could allow a local attacker to gain elevated privileges. Parts of SysInfo require setuid-to-root access in order to access restricted system files and make restricted kernel calls. This access could be exploited by a local attacker to gain a root shell prompt using the right combination of environment variables and command line arguments.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://www.magnicomp.com/support/cve/CVE-2017-6516.shtml

x_refsource_CONFIRM

https://labs.mwrinfosecurity.com/advisories/multiple-vulnerabilities-in-magnicomps-sysinfo-root-setuid/

x_refsource_MISC

https://labs.mwrinfosecurity.com/advisories/magnicomps-sysinfo-root-setuid-local-privilege-escalation-vulnerability/

x_refsource_MISC

vdb-entry

x_refsource_BID

exploit

x_refsource_EXPLOIT-DB

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.