SCO Unixware 7.1 pkginstall - Local Buffer Overflow

SCO Unixware 7.1 pkginstall - Local Buffer Overflow // source: https://www.securityfocus.com/bid/853/info It is possible to view the entries in /etc/shadow through exploiting a buffer overflow in pkgcat and pkginstall. Though neither of these binaries are setuid, the dacread permissions which are...

SCO Unixware 7.1 pkginstall - Local Buffer Overflow

// source: https://www.securityfocus.com/bid/853/info It is possible to view the entries in /etc/shadow through exploiting a buffer overflow in pkgcat and pkginstall. Though neither of these binaries are setuid, the dacread permissions which are granted in /etc/security/tcb/privs give them the...