7 lines
No EOL
555 B
Text
7 lines
No EOL
555 B
Text
source: https://www.securityfocus.com/bid/6656/info
|
|
|
|
mtink is prone to a locally exploitable buffer overflow condition. This is due to insufficient bounds checking of the HOME environment variable.
|
|
|
|
mtink is reportedly installed setgid 'sys' on Mandrake Linux, so it is possible that this issue may be exploited to execute arbitrary code with elevated privileges. Other distributions may also be affected if mtink is installed or runs with elevated privileges.
|
|
|
|
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/21001.tar.gz |