Untrusted search path vulnerability in Pedro Lineu Orso chetcpasswd 2.4.1 and earlier allows local users to gain privileges via a modified PATH that references a malicious cp binary. NOTE: this issue might overlap CVE-2006-6639.Referenceshttp://secunia.com/advisories/23024http://www.securityfocus.com/bid/21644http://securitytracker.com/id?1005847
