OSVDB ID: 535 Title: UNIX-V6 su File Descriptor Exhaustion Local Privilege Escalation |
Info |
|
|
Dates |
||||
|
|
Description |
UNIX-V6 contains a flaw that may allow a local attacker to gain increased privileges. The flaw occurs when an attacker intentionally exhausts all file descriptors before executing the 'su' program. In such a case, 'su' would invoke a super-user shell instead of failing to execute. |
Classification |
Location:
Local Access Required
Attack Type: Input Manipulation Impact: Loss of Integrity Exploit: Exploit Public |
Solution |
The vendor has discontinued this product and therefore has no patch or upgrade that mitigates this problem. It is recommended that an alternate software package be used in its place. |
Products |
|
References |
|
Credit |
Unknown or Incomplete |