xsok 1.02 does not properly drop privileges before finding and executing the "gunzip" program, which allows local users to execute arbitrary commands.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2004-01-14T05:00:00
Updated: 2024-08-08T02:12:35.006Z
Reserved: 2003-11-14T00:00:00
Link: CVE-2003-0949
Vulnrichment
No data.
NVD
Status : Modified
Published: 2004-02-03T05:00:00.000
Modified: 2017-07-11T01:29:38.680
Link: CVE-2003-0949
Redhat
No data.