VULHUB ™

FCheck, when invoked with the -l switch, will send reports to syslog instead of stdout. In the course of doing so, it makes a system() call with the filename in the argument. Therefore, if a filename contains a shell metacharacter followed by a command, that command will be executed at the privilege level of FCheck (usually root). Any user who can create files in a filestructure that is monitored by FCheck can exploit this vulnerability.

FCheck, when invoked with the -l switch, will send reports to syslog instead of stdout. In the course of doing so, it makes a system() call with the filename in the argument. Therefore, if a filename contains a shell metacharacter followed by a command, that command will be executed at the privilege level of FCheck (usually root). Any user who can create files in a filestructure that is monitored by FCheck can exploit this vulnerability.