module
HP Performance Monitoring xglance Priv Esc
| Disclosed |
|---|
| Nov 19, 2014 |
Disclosed
Nov 19, 2014
Description
This exploit takes advantage of xglance-bin, part of
HP's Glance (or Performance Monitoring) version 11 'and subsequent'
, which was compiled with an insecure RPATH option. The RPATH includes
a relative path to -L/lib64/ which can be controlled by a user.
Creating libraries in this location will result in an
escalation of privileges to root.
HP's Glance (or Performance Monitoring) version 11 'and subsequent'
, which was compiled with an insecure RPATH option. The RPATH includes
a relative path to -L/lib64/ which can be controlled by a user.
Creating libraries in this location will result in an
escalation of privileges to root.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.