bmon -- unsafe set-user-ID application

2004-05-29T00:00:00
ID 938F357C-16DD-11D9-BC4A-000C41E2CDAD
Type freebsd
Reporter FreeBSD
Modified 2004-05-29T00:00:00

Description

Jon Nistor reported that the FreeBSD port of bmon was installed set-user-ID root, and executes commands using relative paths. This could allow local user to easily obtain root privileges.