Vulnerabilities > CVE-2003-1161 - Unspecified vulnerability in Linux Kernel 2.6Test9Cvs

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

linux

NVD

Published: 2003-12-31

Updated: 2008-09-05

Summary

exit.c in Linux kernel 2.6-test9-CVS, as stored on kernel.bkbits.net, was modified to contain a backdoor, which could allow local users to elevate their privileges by passing __WCLONE|__WALL to the sys_wait4 function.

Vulnerable Configurations

Part	Description	Count
OS	Linux Linux Linux Kernel 2.6_Test9_Cvs	1

References

http://www.securityfocus.com/bid/8987
http://www.ussg.iu.edu/hypermail/linux/kernel/0311.0/0621.html
http://www.ussg.iu.edu/hypermail/linux/kernel/0311.0/0627.html
http://www.ussg.iu.edu/hypermail/linux/kernel/0311.0/0630.html