Sun Cobalt RaQ XTR Turbo UI Insecure Default File Permissions Vulnerability

info
discussion
exploit
solution
references

Sun Cobalt RaQ XTR Turbo UI Insecure Default File Permissions Vulnerability

It has been reported that files included with Cobalt RaQ XTR's Turbo UI management interface are installed with world-writeable permissions. A local attacker may exploit this vulnerability to modify scripts included with the interface and execute code with elevated privileges on the vulnerable system.