unixware.pkg.exploits.txt
Greetings, OVERVIEW Most of UnixWare's pkg commands can be exploited to print /etc/shadow, leading to a probable root compromise. BACKGROUND Only tested on UnixWare 7.1. DETAILS The permissions for the UnixWare pkg commands are as follows: bash-2.02$ ls -la /usr/sbin/pkgchk /usr/bin/pkginfo...