SunOS kmem setgid /etc/crash Vulnerability

/etc/crash was installed setgid kmem and excutable by anyone. Any user can use the ! shell command escape to executes commands, which are then performed with group set to kmem.

This is Sun Bug ID 1054480 and 1042662.


 

Privacy Statement
Copyright 2010, SecurityFocus