/bin/login gives root to group utmp Nov 30 2008 07:51PM
Paul Szabo (psz maths usyd edu au)
There is a group-utmp-to-root privilege escalation vulnerability in
/bin/login in Debian, and I expect in all other Linux distros.
For details and exploit please see


Currently am not aware of any group utmp issues (that could be
leveraged to get root).


Paul Szabo psz (at) maths.usyd.edu (dot) au [email concealed] http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics University of Sydney Australia

[ reply ]


Privacy Statement
Copyright 2010, SecurityFocus