gkermit setgid uucp Vulnerability

The gkermit binary supplied with Redhat Linux (released after February 27, 2000) is setgid uucp. gkermit can read/write/append files with a gid of uucp, such as /etc/uucp/passwd and several /dev entries. Malicious use of gkermit is dangerous on systems running uucp.


 

Privacy Statement
Copyright 2010, SecurityFocus