Full title: Kloxo 6.1.12 Privilege Escalation Vulnerability 
Category: local exploits
Platform: linux
Kloxo versions 6.1.12 and below contain two setuid root binaries. lxsuexec and lxrestart allow local privilege escalation to root from uid 48, Apache by default on CentOS 5.8, the operating system supported by Kloxo. This Metasploit module has been tested successfully with Kloxo 6.1.12 and 6.1.6.

# 0day.today @ http://0day.today/