• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

SCO UnixWare Ptrace Local Privilege Escalation Vulnerability

Although an exploit as such isn't required to trigger this issue, attackers may need to create an application to use the 'ptrace()' functionality to execute arbitrary code in a setuid-superuser application.


A proof-of-concept example is available:

• /data/vulnerabilities/exploits/sco-root-exploit.c