ChiTeX/ChiLaTeX unsafe set-user-id root

2003-04-25T00:00:00
ID 49AD1BF8-5D7E-11D8-80E3-0020ED76EF5A
Type freebsd
Reporter FreeBSD
Modified 2003-04-25T00:00:00

Description

Niels Heinen reports that ChiTeX installs set-user-id root executables that invoked system(3) without setting up the environment, trivially allowing local root compromise.