4903 : LIDS LD_PRELOAD Capabilities Privilege Escalation
Printer | http://osvdb.org/4903 | Email This | Edit Vulnerability

Views This Week

Views All Time

Info

Last Modified

6 months ago

Percent Complete

100%

Disclosure

Jan 09, 2002

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

LIDS contains a flaw that may allow a local user to gain root privileges. The issue occurs when an attacker users LD_PRELOAD to ascertain the capabilities of any program on the system. If the program has been given CAP_SYS_RAWIO or CAP_SYS_MODULE capabalities, the attacker could disable LIDS and access arbitrary files on the system.

Classification

Location: Local Access Required
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Available
Disclosure: OSVDB Verified

Solution

Upgrade to version 1.1.1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

LIDS Project	LIDS	0.11.0pre1
		1.1.0

References

Bugtraq ID: 3835
Other Advisory URL: http://www.team-teso.net/advisories/teso-advisory-012.txt
ISS X-Force ID: 7831
Vendor Specific Advisory URL: http://www.lids.org/advisory/advisory1.txt.html
Mail List Post: http://sourceforge.net/mailarchive/message.php?msg_id=166264
http://sourceforge.net/mailarchive/message.php?msg_id=166296
Vendor URL: http://www.lids.org/
Keyword: Intrusion Detection System

Credit

Stealth - TESO

Blogs

Provided by Technorati

None found at this time

Comments

Add Comment Hide Add Comment

No Comments.

DONATE NOW!

User Status

Account
- Login
- Sign-Up

Quick Searches

Views This Week

Views All Time

Info

Last Modified

Percent Complete

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

LIDS Project

LIDS

References

Credit

Blogs

Comments