SUSE CVE-2014-0476

The slapper function in chkrootkit before 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable. NOTE: this is only a vulnerability when /tmp is not mounted with the noexec option...

netbsd.noexec.txt

Date: Thu, 18 Mar 1999 21:27:39 +1100 From: matthew green To: [email protected] Subject: NetBSD Security Advisory 1999-007 -----BEGIN PGP SIGNED MESSAGE----- NetBSD Security Advisory 1999-007 ================================= Topic: noexec mount flag is not properly handled by non-root mount...