XaoS: improper setuid-root execution
| Package(s): | xaos | CVE #(s): | |||||
| Created: | June 9, 2003 | Updated: | June 11, 2003 | ||||
| Description: | XaoS, a program for displaying fractal images, is installed setuid root on certain architectures in order to use svgalib, which requires access to the video hardware. However, it is not designed for secure setuid execution, and can be exploited to gain root privileges. | ||||||
| Alerts: |
| ||||||