Vulnerabilities > CVE-2007-0368 - Local Privilege Escalation Vulnerabilites in MBSE-BBS MBSE_Root

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

michiel-broek

critical

exploit available

NVD

Published: 2007-01-19

Updated: 2017-10-19

Summary

Stack-based buffer overflow in mbse-bbs 0.70 and earlier allows local users to execute arbitrary code via a long string in the MBSE_ROOT environment variable.

Vulnerable Configurations

Part	Description	Count
Application	Michiel_Broek Michiel Broek Mbse BBS 0.33.17 Michiel Broek Mbse BBS 0.33.18 Michiel Broek Mbse BBS 0.33.19 Michiel Broek Mbse BBS 0.33.20 Michiel Broek Mbse BBS 0.35.7 Michiel Broek Mbse BBS 0.36 Michiel Broek Mbse BBS 0.38 Michiel Broek Mbse BBS 0.60 Michiel Broek Mbse BBS 0.70	9

Exploit-Db

description	GNU/Linux mbse-bbs. CVE-2007-0368. Local exploit for linux platform
file	exploits/linux/local/3154.c
id	EDB-ID:3154
last seen	2016-01-31
modified	2007-01-18
platform	linux
port
published	2007-01-18
reporter	prdelka
source	https://www.exploit-db.com/download/3154/
title	GNU/Linux mbse-bbs <= 0.70.0 - Local Buffer Overflow Exploit
type	local

Summary

Vulnerable Configurations

Exploit-Db

References