Originally Published: Wednesday, 6 October 1999 Author: Quentin Cregan
Published to: news_enhance_security/Security News Page: 1/1 - [Printable]

l0pht releases advisory for Cactus Softwares' Shell-Lock

"Severity (a): Users can de-obfuscate and retrieve the hidden shell code Severity (b): If a shell-locked binary is setuid root a user can execute any command as root." Worth looking over, no?