A certain configuration of Android 2.3.7 on the Motorola Defy XT phone for Republic Wireless uses init to create a /dev/socket/init_runit socket that listens for shell commands, which allows local users to gain privileges by interacting with a LocalSocket object.
References
Link | Resource |
---|---|
https://plus.google.com/110348415484169880343/posts/5ofgPNrSu3J | Exploit Third Party Advisory |
https://plus.google.com/110348415484169880343/posts/5ofgPNrSu3J | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 01:56
Type | Values Removed | Values Added |
---|---|---|
References | () https://plus.google.com/110348415484169880343/posts/5ofgPNrSu3J - Exploit, Third Party Advisory |
Information
Published : 2013-09-25 10:31
Updated : 2024-11-21 01:56
NVD link : CVE-2013-4777
Mitre link : CVE-2013-4777
CVE.ORG link : CVE-2013-4777
JSON object : View
Products Affected
- android
motorola
- defy_xt
CWE
CWE-264
Permissions, Privileges, and Access Controls