Unitrends Enterprise Backup bpserverd Privilege Escalation

Posted by deepcore on November 29, 2018 – 11:55 pm

It was discovered that the Unitrends bpserverd proprietary protocol, as exposed via xinetd, has an issue in which its authentication can be bypassed. A remote attacker could use this issue to execute arbitrary commands with root privilege on the target system. This is very similar to exploits/linux/misc/ueb9_bpserverd however it runs against the localhost by dropping a python script on the local file system. Unitrends stopped bpserverd from listening remotely on version 10.

This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.

« Joomla Fabrik 3.9 CSRF / LFI / Shell Upload WordPress SEO (Yoast SEO) 9.1 Race Condition / Command Execution »

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

Unitrends Enterprise Backup bpserverd Privilege Escalation

Post a reply

Tabs Switcher

Categories

Archives

Meta

BLOGROLL