CVE-2001-0873

Taylor UUCP - Privilege Escalation via uuxqt Long Option Injection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2001-0873. PoCs published by zen-parse.

AI-analyzed exploit summary This exploit leverages a privilege escalation vulnerability in Taylor UUCP by manipulating the --config flag to execute arbitrary commands with elevated privileges (uucp). It involves creating a malicious configuration file and a command file, then using uux to execute the commands via uuxqt.

Description

uuxqt in Taylor UUCP package does not properly remove dangerous long options, which allows local users to gain privileges by calling uux and specifying an alternate configuration file with the --config option.

Exploits (1)

exploitdb WORKING POC VERIFIED

by zen-parse · textlocalunix

https://www.exploit-db.com/exploits/21106

View Code ZIP pw:eip

This exploit leverages a privilege escalation vulnerability in Taylor UUCP by manipulating the --config flag to execute arbitrary commands with elevated privileges (uucp). It involves creating a malicious configuration file and a command file, then using uux to execute the commands via uuxqt.

Classification

Working Poc 90%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: Taylor UUCP

No auth needed

Prerequisites: Local access to the system · Taylor UUCP installed · Ability to create files in /tmp

MITRE ATT&CK