VULHUB ™

Rational Software's ClearCase product includes a vulnerability whereby an unprivileged user can have any readable executable set to SUID root.. A 1.5 meg file is copied and then chmod'ed to SUID, and during the time this file is being copied it can be unlinked and replaced with another.

Rational Software's ClearCase product includes a vulnerability whereby an unprivileged user can have any readable executable set to SUID root.. A 1.5 meg file is copied and then chmod'ed to SUID, and during the time this file is being copied it can be unlinked and replaced with another.