CVE-2011-1496
tmux 1.3 and 1.4 - Privilege Escalation via -S Command-Line Option
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2011-1496. PoCs published by ph0x90bic.
AI-analyzed exploit summary This exploit leverages a privilege escalation vulnerability in tmux versions 1.3/1.4, where the '-S' option incorrectly sets the effective group ID to 'utmp'. This allows local users to execute commands with utmp group privileges, enabling log file manipulation.
Description
tmux 1.3 and 1.4 does not properly drop group privileges, which allows local users to gain utmp group privileges via a filename to the -S command-line option.
Exploits (1)
This exploit leverages a privilege escalation vulnerability in tmux versions 1.3/1.4, where the '-S' option incorrectly sets the effective group ID to 'utmp'. This allows local users to execute commands with utmp group privileges, enabling log file manipulation.