CVE-2004-0497

Linux kernel <2.x - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-0497. PoCs published by Marco Ivaldi.

AI-analyzed exploit summary: This exploit leverages a Linux kernel vulnerability (CVE-2004-0497) where the `chown` system call lacks proper DAC controls, allowing local users to change the group ownership of files they do not own. It demonstrates privilege escalation by modifying group permissions on sensitive files like `/etc/shadow`.

Description

Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Marco Ivaldi · c · local · linux
https://www.exploit-db.com/exploits/718

Classification: Working PoC 100%
Attack Type: LPE
Complexity: Trivial
Reliability: Reliable
Target: Linux kernel 2.2.x, 2.4.x < 2.4.27-rc3, 2.6.x < 2.6.7-rc3
No auth needed
Prerequisites: Local access to a vulnerable Linux system
devstral-2 · analyzed Feb 16, 2026

References (7)

Core References
Patch, Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2004-354.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/16599
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9867
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2004-360.html
Patch, Vendor Advisory vendor-advisory x_refsource_mandrake
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:066
Patch, Vendor Advisory vendor-advisory x_refsource_conectiva
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000852
Vendor Advisory vendor-advisory x_refsource_suse
http://www.novell.com/linux/security/advisories/2004_20_kernel.html

Scores

EPSS 0.0080
EPSS Percentile 51.8%

Details

Status published
Products (18)
conectiva/linux 10
gentoo/linux
linux/linux_kernel 2.0
mandrakesoft/mandrake_linux 9.1
mandrakesoft/mandrake_linux 9.2
mandrakesoft/mandrake_linux 10.0
mandrakesoft/mandrake_linux_corporate_server 2.1
mandrakesoft/mandrake_multi_network_firewall 8.2
redhat/enterprise_linux 2.1 (3 CPE variants)
redhat/enterprise_linux 3.0 (3 CPE variants)
... and 8 more
Published Dec 06, 2004
Tracked Since Feb 18, 2026