CVE-2004-0233

SGI Propack - Path Traversal


Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-0233. PoCs published by Steve Grubb.

AI-analyzed exploit summary: The writeup describes two local vulnerabilities in utempter: a symbolic link attack due to improper input validation and a potential buffer overflow. Both issues stem from inadequate boundary checks and could lead to file corruption or arbitrary code execution.

Description

Utempter allows device names that contain .. (dot dot) directory traversal sequences, which allows local users to overwrite arbitrary files via a symlink attack on device names in combination with an application that trusts the utmp or wtmp files.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Steve Grubb · text · local · linux
https://www.exploit-db.com/exploits/24027

Classification: Writeup 90%
Attack Type: Other
Complexity: Moderate
Reliability: Theoretical
Target: utempter (version not specified)
No auth needed
Prerequisites: Local access to the system · Ability to create symbolic links
devstral-2 · analyzed Feb 16, 2026

References (10)

Core References
Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/10178
Vendor Advisory vendor-advisory x_refsource_mandrake
http://www.mandriva.com/security/advisories?name=MDKSA-2004:031
Vendor Advisory vendor-advisory x_refsource_sunalert
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000752.1-1
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/15904
Patch, Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2004-174.html
Third Party Advisory vendor-advisory x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-200405-05.xml
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10115
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A979
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2004-175.html

Scores

EPSS 0.0109
EPSS Percentile 61.2%

Details

Status published
Products (6)
sgi/propack 2.4
sgi/propack 3.0
slackware/slackware_linux
slackware/slackware_linux 9.1
utempter/utempter 0.5.2
utempter/utempter 0.5.3
Published Aug 18, 2004
Tracked Since Feb 18, 2026