[8lgm]-Advisory-10.UNIX.SCO-at.10-Feb-1992


PROGRAM:

	at(1)

VERSION:

	SCO UNIX 3.2v4.2

DESCRIPTION:

	at(1) can be used to execute arbitrary commands as group cron.

IMPACT:

	Any user with access to at(1) can become root.

REPEAT BY:

	Exploit details will not be made available, until a patch is
	provided.

FIX:

	Obtain a patch from SCO.

WORKAROUND:

	Deny access to at(1) for normal users (see man page for details.)

DISCUSSION:

	at(1) was originally designed to run setuid root.  SCOs version of
	at runs setgid cron, but still handles privileges as if running
	euid 0.