SNI has become aware of serious problems relating to the handling of temporary files by the default BSD cron jobs /etc/security and later became aware of an equally serious problem in /etc/daily. In addition, the 4.4BSDlite2 version of /etc/security passes unchecked data to a shell. These bugs make it possible for unpriviliged users to obtain root access, EVEN IF THERE ARE NO SETUID PROGRAMS ON THE SYSTEM.
5ca61e56aee4ef540984270e547da4953f9f595ef2022006e71664ad9a93aa72