CVE-2003-0019

kernel-utils - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2003-0019. PoCs published by [email protected].

AI-analyzed exploit summary This exploit targets an integer overflow vulnerability in uml_net (CVE-2003-0019) by supplying a negative version value to bypass calculations and execute arbitrary code via a crafted environment variable. It includes shellcode to spawn a shell with root privileges.

Description

uml_net in the kernel-utils package for Red Hat Linux 8.0 has incorrect setuid root privileges, which allows local users to modify network interfaces, e.g. by modifying ARP entries or placing interfaces into promiscuous mode.

Exploits (1)

exploitdb WORKING POC VERIFIED

by [email protected] · clocallinux

https://www.exploit-db.com/exploits/22640

View Code ZIP pw:eip

This exploit targets an integer overflow vulnerability in uml_net (CVE-2003-0019) by supplying a negative version value to bypass calculations and execute arbitrary code via a crafted environment variable. It includes shellcode to spawn a shell with root privileges.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: uml_net (uml_utilities from kernel-utils-2.4-8.13 or similar)

No auth needed

Prerequisites: Access to execute uml_net binary · Target system running vulnerable uml_net version

MITRE ATT&CK