Privilege Escalation Vulnerability in csstart program of iCal 2.1 Patch 2

Privilege Escalation Vulnerability in csstart program of iCal 2.1 Patch 2

CVE-2000-1074 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

csstart program in iCal 2.1 Patch 2 uses relative pathnames to install the libsocket and libnsl libraries, which could allow the icsuser account to gain root privileges by creating a Trojan Horse library in the current or parent directory.

Learn more about our Cis Benchmark Audit For Suse Linux Enterprise Server.