CVE-2001-0916

Berkeley pmake < 2.1.33 - Local Privilege Escalation via Long Shell Definition Check Argument

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2001-0916. PoCs published by IhaQueR@IRCnet.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in Parallel Make (pmake) <= 2.1.33, allowing local privilege escalation by overwriting the return address via the .SHELL variable in a Makefile. It uses a combination of environment manipulation and shellcode execution to achieve root privileges.

Description

Buffer overflow in Berkeley parallel make (pmake) 2.1.33 and earlier allows a local user to gain root privileges via a long check argument of a shell definition.

Exploits (1)

exploitdb WORKING POC VERIFIED
by IhaQueR@IRCnet · clocallinux
https://www.exploit-db.com/exploits/21159

This exploit targets a buffer overflow vulnerability in Parallel Make (pmake) <= 2.1.33, allowing local privilege escalation by overwriting the return address via the .SHELL variable in a Makefile. It uses a combination of environment manipulation and shellcode execution to achieve root privileges.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Complex
Reliability
Reliable
Target: Parallel Make (pmake) <= 2.1.33
No auth needed
Prerequisites: pmake installed with setuid root · ability to execute local binaries
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=100638919720975&w=2
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/3573
Third Party Advisory vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/7603.php

Scores

EPSS 0.0077
EPSS Percentile 50.7%

Details

Status published
Products (1)
berkeley/pmake < 2.1.33
Published Nov 21, 2001
Tracked Since Feb 18, 2026