CVE-2002-1245

Maped in LuxMan 0.41 uses the user-provided search path to find and execute the gzip program, which allows local users to modify /dev/mem and gain privileges via a modified PATH environment variable that points to a Trojan horse gzip program.

Date published : 2004-09-01

http://www.securityfocus.com/bid/6113

http://marc.info/?l=bugtraq&m=103660334009855&w=2