IRIX suid_exec Vulnerability...

- AV AC AU C I A
发布: 1996-12-02
修订: 2018-10-17

A vulnerability exists in the 'suid_exec' utility, as shipped by SGI with it's Irix operating system, versions 5.x and 6.x. Suid_exec is part of the Korn shell package, and was originally the mechanism by which ksh executed setuid shell scripts safely. However, it runs using the default shell, and as such will run the configuration files for the shell, such as a .cshrc. By placing malicious code in a .cshrc, and properly running suid_exec, commands can be executed as root.

0%
当前有1条漏洞利用/PoC
产品及版本信息(CPE)暂不可用