World-writable permissions on iodbctest and iodbctestw programs in libiodbc package in Slackware 13.1, 13.37, 14.0, and 14.1

World-writable permissions on iodbctest and iodbctestw programs in libiodbc package in Slackware 13.1, 13.37, 14.0, and 14.1

CVE-2013-7172 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Slackware 13.1, 13.37, 14.0 and 14.1 contain world-writable permissions on the iodbctest and iodbctestw programs within the libiodbc package, which could allow local users to use RPATH information to execute arbitrary code with root privileges.

Learn more about our User Device Pen Test.