Home / os / winmobile

Micro Focus (HPE) Data Protector SUID Privilege Escalation

Posted on 01 November 2019

This Metasploit module exploits the trusted $PATH environment variable of the SUID binary omniresolve in Micro Focus (HPE) Data Protector versions A.10.40 and below. The omniresolve executable calls the oracleasm binary using a relative path and the trusted environment $PATH, which allows an attacker to execute a custom binary with root privileges.

 

TOP

Malware :

Exploits :