Debian /usr/bin/suidexec Vulnerability

/usr/bin/suidexec will execute arbitrary commands as root,
as soon as just _one_ suid root shell script can be found
on the system: Just invoke

/usr/bin/suidexec <your program> /path/to/script

- it will happily execute your program with euid = 0. This
is completely sufficient for doing arbitrary damage on the
system.


 

Privacy Statement
Copyright 2010, SecurityFocus