module
Serv-U FTP Server prepareinstallation Privilege Escalation
| Disclosed |
|---|
| 2019-06-05 |
Disclosed
2019-06-05
Description
This module attempts to gain root privileges on systems running
Serv-U FTP Server versions prior to 15.1.7.
The `Serv-U` executable is setuid `root`, and uses `ARGV[0]`
in a call to `system()`, without validation, when invoked with
the `-prepareinstallation` flag, resulting in command execution
with root privileges.
This module has been tested successfully on Serv-U FTP Server
version 15.1.6 (x64) on Debian 9.6 (x64).
Serv-U FTP Server versions prior to 15.1.7.
The `Serv-U` executable is setuid `root`, and uses `ARGV[0]`
in a call to `system()`, without validation, when invoked with
the `-prepareinstallation` flag, resulting in command execution
with root privileges.
This module has been tested successfully on Serv-U FTP Server
version 15.1.6 (x64) on Debian 9.6 (x64).
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.