CVE-2003-0949

CVE-2003-0949

EPSS 0.4%

xsok 1.02 does not properly drop privileges before finding and executing the "gunzip" program, which allows local users to execute arbitrary commands.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/14098 http://www.debian.org/security/2003/dsa-405 http://www.securityfocus.com/bid/9321