Description
rxvt, when compiled with the PRINT_PIPE option in various Linux operating systems including Linux Slackware 3.0 and RedHat 2.1, allows local users to gain root privileges by specifying a malicious program using the -print-pipe command line parameter.
Affected products
- RedHat / linux2.1 – 2.1
- rxvt / rxvt
- slackware / slackware_linux3.0 – 3.0
References
- MAILING_LISThttp://marc.info/?l=bugtraq&m=87602167418966&w=2