CVE-2000-1103 Information

Description

rcvtty in BSD 3.0 and 4.0 does not properly drop privileges before executing a script which allows local attackers to gain privileges by specifying an alternate Trojan horse script on the command line.

Reference

http://www.securityfocus.com/archive/1/147120 http://www.securityfocus.com/bid/2009