• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Star Tape Archiver Local SetUID Vulnerability

Star tape archiver is reportedly affected by a local setuid vulnerability. This issue is apparently due to a failure to properly implement the setuid functionality. It should be noted that this issue only affected the vulnerable software when archives are configured to be remotely accessible through SSH.

Successful exploitation of this issue may allow an attacker to gain superuser access to a computer running the vulnerable software.