This Metasploit module exploits the trusted $PATH environment variable of the SUID binary omniresolve in Micro Focus (HPE) Data Protector versions A.10.40 and below. The omniresolve executable calls the oracleasm binary using a relative path and the trusted environment $PATH, which allows an attacker to execute a custom binary with root privileges.
↧