Taylor UUCP Argument Handling Privilege Elevation Vulnerability

Taylor UUCP is an implementation of the UUCP package written originally by Ian Lance Taylor.

A problem has been discovered in Taylor UUCP that makes it possible for local users to gain elevated privileges. The problem is due to the handling of configuration files when passed to uucp via the --config flag. When uux receives a request to execute commands using a malicious --config file, the commands will be executed with the privileges of uuxqt, a setuid uucp daemon by default.

This makes it possible for a local user to gain elevated privileges, and could lead to a local user gaining administrative access.


 

Privacy Statement
Copyright 2010, SecurityFocus