Description
rscsi in cdrtools 2.01 and earlier allows local users to overwrite arbitrary files and gain root privileges by specifying the target file as a command line argument, which is modified while rscsi is running with privileges.
Affected products
- cdrtools / cdrtools2.0 – 2.0
- cdrtools / cdrtools2.0.3 – 2.0.3