Exploitation Summary
EIP tracks 1 public exploit for CVE-2001-1384. PoCs published by Rafal Wojtczuk.
AI-analyzed exploit summary The vulnerability in Linux's exec() implementation allows a traced process to execute a setuid image if the tracing process is setuid, potentially enabling privilege escalation. The exploitability is debated, and no actual exploit code is provided.
Description
ptrace in Linux 2.2.x through 2.2.19, and 2.4.x through 2.4.9, allows local users to gain root privileges by running ptrace on a setuid or setgid program that itself calls an unprivileged program, such as newgrp.
Exploits (1)
The vulnerability in Linux's exec() implementation allows a traced process to execute a setuid image if the tracing process is setuid, potentially enabling privilege escalation. The exploitability is debated, and no actual exploit code is provided.