CVE-2009-0876
Sun xVM VirtualBox 2.0.0-2.1.4 - Privilege Escalation via Hardlink Attack
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2009-0876. PoCs published by Sun Microsystems.
AI-analyzed exploit summary This exploit leverages a local privilege escalation vulnerability in Sun xVM VirtualBox by creating a malicious shared library (libdl.so.2) that is loaded due to improper library path handling. The library executes a constructor function to escalate privileges to root via setuid(0) and spawns a shell.
Description
Sun xVM VirtualBox 2.0.0, 2.0.2, 2.0.4, 2.0.6r39760, 2.1.0, 2.1.2, and 2.1.4r42893 on Linux allows local users to gain privileges via a hardlink attack, which preserves setuid/setgid bits on Linux, related to DT_RPATH:$ORIGIN.
Exploits (1)
This exploit leverages a local privilege escalation vulnerability in Sun xVM VirtualBox by creating a malicious shared library (libdl.so.2) that is loaded due to improper library path handling. The library executes a constructor function to escalate privileges to root via setuid(0) and spawns a shell.