Exploit SGI IRIX 6.4 - 'xfsdump' Local Privilege Escalation

[Exploiter]

EDB-ID

19358

Проверка EDB

1. Пройдено

Автор

YURI VOLOBUEV

Тип уязвимости

LOCAL

Платформа

IRIX

CVE

cve-1999-1398

Дата публикации

1997-05-07

SGI IRIX 6.4 - 'xfsdump' Local Privilege Escalation

source: https://www.securityfocus.com/bid/472/info

The xfsdump program shipped with Irix 5.x and 6.x from SGI contains a vulnerability which could lead to root compromise. By creating a log file in /usr/tmp called bck.log, a user could create a symbolic link from this file to any file they wish to be created as root. This is turn could be used to compromise the system.

ln -sf /.rhosts /usr/tmp/bck.log