Vulnerability Details CVE-2004-2073
Linux-VServer 1.24 allows local users with root privileges on a virtual server to gain access to the filesystem outside the virtual server via a modified chroot-again exploit using the chmod command.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 38.5%
CVSS Severity
CVSS v2 Score 7.2
References
- http://secunia.com/advisories/10816
- http://www.linux-vserver.org/index.php?page=ChangeLog
- http://www.osvdb.org/3875
- http://www.securityfocus.com/archive/1/353003
- http://www.securityfocus.com/bid/9596
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15073
- http://secunia.com/advisories/10816
- http://www.linux-vserver.org/index.php?page=ChangeLog
- http://www.osvdb.org/3875
- http://www.securityfocus.com/archive/1/353003
- http://www.securityfocus.com/bid/9596
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15073
Products affected by CVE-2004-2073
-
cpe:2.3:a:vserver:linux-vserver:1.20
-
cpe:2.3:a:vserver:linux-vserver:1.21
-
cpe:2.3:a:vserver:linux-vserver:1.22
-
cpe:2.3:a:vserver:linux-vserver:1.23
-
cpe:2.3:a:vserver:linux-vserver:1.24