Description
uuxqt in Taylor UUCP package does not properly remove dangerous long options, which allows local users to gain privileges by calling uux and specifying an alternate configuration file with the --config option.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by zen-parse · textlocalunix
https://www.exploit-db.com/exploits/21106
References (9)
Core 9
Core References
Exploit, Vendor Advisory mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/212892
Patch, Vendor Advisory vendor-advisory
x_refsource_caldera
http://www.calderasystems.com/support/security/advisories/CSSA-2001-033.0.txt
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/7099
Patch, Vendor Advisory vendor-advisory
x_refsource_conectiva
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000425
Exploit, Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/3312
Vendor Advisory vendor-advisory
x_refsource_suse
http://www.novell.com/linux/security/advisories/2001_038_uucp_txt.html
Vendor Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2001-165.html
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=100715446131820
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2001/dsa-079
Scores
EPSS
0.0025
EPSS Percentile
48.4%
Details
Status
published
Products (1)
ian_lance_taylor/taylor_uucp
1.0.6
Published
Dec 21, 2001
Tracked Since
Feb 18, 2026