Back to search
CVE-2001-0087
Published: Feb 2, 2001
Modified: Aug 8, 2024
PUBLISHED
Description
itetris/xitetris 1.6.2 and earlier trusts the PATH environmental variable to find and execute the gunzip program, which allows local users to gain root privileges by changing their PATH so that it points to a malicious gunzip program.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
2139
vdb-entry
x_refsource_BID
itetris-svgalib-path(5795)
vdb-entry
x_refsource_XF
20001219 itetris[v1.6.2] local root exploit (system()+../ protection)
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now