Vulnerability: Privilege Escalation in slashem-tty with Group Games Write Permissions

Vulnerability: Privilege Escalation in slashem-tty with Group Games Write Permissions

CVE-2003-1474 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

slashem-tty in the FreeBSD Ports Collection is installed with write permissions for the games group, which allows local users with group games privileges to modify slashem-tty and execute arbitrary code as other users, as demonstrated using a separate vulnerability in LTris.

Learn more about our User Device Pen Test.