Skip to content

Commit

Permalink
Update 1_system_information.sh
Browse files Browse the repository at this point in the history
  • Loading branch information
@carlospolop
carlospolop authored Jan 31, 2022
1 parent cc1e2b4 commit 77cc22a
Showing 1 changed file with 5 additions and 0 deletions.
5 changes: 5 additions & 0 deletions linPEAS/builder/linpeas_parts/1_system_information.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,11 @@ else echo_not_found "sudo"
fi
echo ""

#-- SY) CVE-2021-4021

This comment has been minimized.

Sign in to view

Copy link
@MefhigosetH

MefhigosetH Feb 1, 2022
edited
Loading

Based on Qualys Security Advisory, I think that the correct CVE for this privilege escalation technique is 2021-4034.
if [ `command -v pkexec` ] && stat -c '%a' $(which pkexec) | grep -q 4755 && (stat -c '%y' $(which pkexec) | grep -qvE "2[0-9][2-9][3-9]-|2022-[0-1][2-9]-0[0-9]|2022-01-[2-3][0-9]|2022-01-1[2-9]" ) ; then
echo "Vulnerable to CVE-2021-4021" | sed -${E} "s,.*,${SED_RED_YELLOW},"
fi

#--SY) USBCreator
if (busctl list 2>/dev/null | grep -q com.ubuntu.USBCreator) || [ "$DEBUG" ]; then
print_2title "USBCreator"
Expand Down

0 comments on commit 77cc22a

Please sign in to comment.