• Skip to main content
  • Skip to footer

Audit My PC - Free Internet Security Audit

Firewall Test and web tools to check your security and privacy

  • Firewall Test
  • Anti Spam
  • Internet Speed Test
  • Sitemap Generator
  • Whats My IP

IRIX inpview Environment Variable Local Privilege Escalation

Network Security News – Sunday, April 16, 2006 Events

IRIX inpview Environment Variable Local Privilege Escalation

IRIX contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when inpview trusts the user environment and does not drop privileges. A malicious user can set the environment variable SUN_TTSESSION_CMD to "cp /bin/jsh /tmp/jsh;chmod 6755 /tmp/jsh;killall -9 inpview," which will execute with root permissions, thus allowing a regular user to drop a setuid and setgid shell to /tmp. This flaw leads to a loss of integrity.. Read more at osvdb.org/12915

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *

Footer

Miscellaneous

  • Free Address Finder
  • HTML Encoder Decoder
  • Website Monitoring
  • Whats My IP Address?
  • Yes or No

Copyright © 2001-2021 Audit My PC .com All Rights Reserved. Our Privacy Policy and TOS

  • About
  • Acronyms
  • DLL Files
  • Ports
  • Computer Security News
  • Email Scams & Spam
  • Internet Safety
  • Free Software