CVE-2004-2073

Linux-VServer 1.24 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-2073. PoCs published by Markus Mueller.

AI-analyzed exploit summary This exploit leverages a chroot-again vulnerability in VServer to escape the chrooted environment by manipulating directory permissions and re-chrooting. It creates a directory, changes into it, and then iteratively traverses up the directory tree while modifying permissions to eventually break out of the chroot jail.

Description

Linux-VServer 1.24 allows local users with root privileges on a virtual server to gain access to the filesystem outside the virtual server via a modified chroot-again exploit using the chmod command.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Markus Mueller · clocallinux

https://www.exploit-db.com/exploits/23658

View Code ZIP pw:eip

This exploit leverages a chroot-again vulnerability in VServer to escape the chrooted environment by manipulating directory permissions and re-chrooting. It creates a directory, changes into it, and then iteratively traverses up the directory tree while modifying permissions to eventually break out of the chroot jail.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: VServer 1.24 with Linux kernel 2.4.24

Auth required

Prerequisites: Root access within the VServer chroot environment · VServer with chmod 000 /vservers configuration

MITRE ATT&CK