CVE-2001-0623
published 2001-08-02CVE-2001-0623: sendfiled, as included with Simple Asynchronous File Transfer (SAFT), on various Linux systems does not properly drop privileges when sending notification…
PriorityP417medium4.6CVSS 2.0
AVLACLAuNCPIPAP
EXPLOIT
EPSS
0.80%
52.1th percentile
sendfiled, as included with Simple Asynchronous File Transfer (SAFT), on various Linux systems does not properly drop privileges when sending notification emails, which allows local attackers to gain privileges.
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Sendfile 1.x/2.1 - Local Privileged Arbitrary Command Execution
exploitdb·2001-04-24
CVE-2001-0623 Sendfile 1.x/2.1 - Local Privileged Arbitrary Command Execution
Sendfile 1.x/2.1 - Local Privileged Arbitrary Command Execution
---
source: https://www.securityfocus.com/bid/2645/info
Sendfile is an implementation of the SAFT (simple asynchronous file transfer) protocol for UNIX systems.
Due to a problem dropping privileges completely before running user-specified post-processing commands in the Sendfile daemon, it may be possible for a local user to execute arbitrary commands with elevated privileges.
#!/bin/sh
#
# sfdfwd - Sendfile daemon local arbitrary command execution vulnerability
#
# references:
# https://www.securityfocus.com/bid/2645
# http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=76048
#
# 04/24/01 psheep
SFUSER=$USER
SFHOST=localhost
SFPORT=saft
SFSPOOL=/var/spool/sendfile
SFUSERCFG="$SFSPOOL/$SFUSER/config/config"
echo "Sendfile
Exploit-DB
Sendfile 1.x/2.1 - Forced Privilege Lowering Failure
exploitdb·2001-04-24
CVE-2001-0623 Sendfile 1.x/2.1 - Forced Privilege Lowering Failure
Sendfile 1.x/2.1 - Forced Privilege Lowering Failure
---
source: https://www.securityfocus.com/bid/2652/info
Sendfile is an implementation of the SAFT (simple asynchronous file transfer) protocol for UNIX systems.
A serialization error exists in the Sendfile daemon, sendfiled. When used in conjunction with other problems found in the daemon, it may be possible for a local user to execute arbitrary commands as root and gain elevated privileges.
#!/bin/sh
#
# sfdnfy - Sendfile daemon local arbitrary command execution vulnerability
#
# references:
# https://www.securityfocus.com/bid/2652
# https://www.securityfocus.com/bid/2631
#
# 04/24/01 psheep
SFUSER=$USER
SFHOST=localhost
SFPORT=saft
SFSPOOL=/var/spool/sendfile
SFUSERCFG="$SFSPOOL/$SFUSER/config/config"
echo "Sendfile daemon local
No writeups or analysis indexed.
2001-08-02
Published