Main Vulnerability Database Exploits ID:4136 - Exploit for Permissions, Privileges, and Access Controls in Linux kernel - CVE-2011-1020

ID:4136 - Exploit for Permissions, Privileges, and Access Controls in Linux kernel - CVE-2011-1020

Published: August 11, 2020

Vulnerability identifier: #VU45294

Vulnerability risk: Low

CVE-ID: CVE-2011-1020

CWE-ID: CWE-264

Exploitation vector: Remote access

Vulnerable software:
Linux kernel

Link to public exploit:

https://www.exploit-db.com/exploits/41770/

Vulnerability description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

The proc filesystem implementation in the Linux kernel 2.6.37 and earlier does not restrict access to the /proc directory tree of a process after this process performs an exec of a setuid program, which allows local users to obtain sensitive information or cause a denial of service via open, lseek, read, and write system calls.

Remediation

Install update from vendor's website.

ID:4136 - Exploit for Permissions, Privileges, and Access Controls in Linux kernel - CVE-2011-1020

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human