CVE-2001-0873 | HackTesting

uuxqt in Taylor UUCP package does not properly remove dangerous long options, which allows local users to gain privileges by calling uux and specifying an alternate configuration file with the --config option.

References

http://www.securityfocus.com/archive/1/212892

http://www.calderasystems.com/support/security/advisories/CSSA-2001-033.0.txt

https://exchange.xforce.ibmcloud.com/vulnerabilities/7099

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000425

http://www.securityfocus.com/bid/3312

http://www.novell.com/linux/security/advisories/2001_038_uucp_txt.html

http://rhn.redhat.com/errata/RHSA-2001-165.html

http://marc.info/?l=bugtraq&m=100715446131820

http://www.debian.org/security/2001/dsa-079