|
|
CVE Reference: CVE-2003-0171 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2003-0171 |
|
|
Description: DirectoryServices in MacOS X trusts the PATH environment variable to locate and execute the touch command, which allows local users to execute arbitrary commands by modifying the PATH to point to a directory containing a malicious touch program. |
|
|
CVE Status: Candidate |
|
|
References: CONFIRM http://lists.apple.com/mhonarc/security-announce/msg00028.html ATSTAKE http://www.atstake.com/research/advisories/2003/a041003-1.txt |
|
| Return to the previous page. |
