CVE-2011-1159

acpid < 2.0.9 - Denial of Service via Unread Socket Connection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2011-1159. PoCs published by Vasiliy Kulikov.

AI-analyzed exploit summary This exploit demonstrates a local denial-of-service (DoS) vulnerability in the 'acpid' daemon by opening multiple connections to a Unix domain socket, causing the service to hang. It specifically targets acpid 1.0.10, as tested on Ubuntu 10.04.

Description

acpid.c in acpid before 2.0.9 does not properly handle a situation in which a process has connected to acpid.socket but is not reading any data, which allows local users to cause a denial of service (daemon hang) via a crafted application that performs a connect system call but no read system calls.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Vasiliy Kulikov · cdoslinux

https://www.exploit-db.com/exploits/35240

View Code ZIP pw:eip

This exploit demonstrates a local denial-of-service (DoS) vulnerability in the 'acpid' daemon by opening multiple connections to a Unix domain socket, causing the service to hang. It specifically targets acpid 1.0.10, as tested on Ubuntu 10.04.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: acpid 1.0.10

No auth needed

Prerequisites: Local access to the target system · Unix domain socket accessible

MITRE ATT&CK