Author: anonymous type: local platform: aix port: date_added: 1993-02-03 date_updated: 2017-11-22 verified: 1 codes: OSVDB-17059 tags: aliases: screenshot_url: application_url:
source: https://www.securityfocus.com/bid/59/info /etc/crash was installed setgid kmem and excutable by anyone. Any user can use the ! shell command escape to executes commands, which are then performed with group set to kmem. $ /etc/crash ! sh