RSS   Vulnerabilities for 'Changepassword'   RSS

2005-01-10
 
CVE-2004-1263

 

 
changepassword.cgi in ChangePassword 0.8, when installed setuid, allows local users to execute arbitrary code by modifying the PATH environment variable to point to a malicious "make" program.

 


Copyright 2024, cxsecurity.com

 

Back to Top