CVE-2003-0949 Information

Description

xsok 1.02 does not properly drop privileges before finding and executing the \gunzip\ program which allows local users to execute arbitrary commands.

Reference

http://www.debian.org/security/2003/dsa-405 http://www.securityfocus.com/bid/9321 https://exchange.xforce.ibmcloud.com/vulnerabilities/14098