Exploitation Summary
EIP tracks 1 public exploit for CVE-1999-1434. PoCs published by Richard Thomas.
AI-analyzed exploit summary This exploit describes a vulnerability in Slackware's /bin/login where the absence of /etc/group causes initgroups() to fail, resulting in uid/gid 0 assignment. The writeup explains the root cause and steps to reproduce but does not include executable code.
Description
login in Slackware Linux 3.2 through 3.5 does not properly check for an error when the /etc/group file is missing, which prevents it from dropping privileges, causing it to assign root privileges to any local user who logs on to the server.
Exploits (1)
This exploit describes a vulnerability in Slackware's /bin/login where the absence of /etc/group causes initgroups() to fail, resulting in uid/gid 0 assignment. The writeup explains the root cause and steps to reproduce but does not include executable code.