CVE-2000-0506

This exploit leverages a Linux kernel capability handling flaw (CVE-2000-0506) to prevent setuid programs like sendmail from dropping privileges, resulting in local privilege escalation to root. It manipulates capabilities via LD_PRELOAD and crafts a malicious sendmail configuration to execute arbitrary commands.

This exploit leverages a vulnerability in Linux POSIX capabilities where a parent process can manipulate capabilities to prevent a setuid program (like sendmail) from dropping privileges. This results in arbitrary command execution as root via a malicious .forward file.