SecTor: Old Security Vulnerabilities Live On
Oct 03, 2012, 10:00 (0 Talkback[s])
(Other stories by Sean Michael Kerner)
Privilege-based flaws are also common and have been for more than 15 years. Gamble said that on Unix-based systems in particular, many admins simply don't know how to properly set up permissions. Gamble suggests that security professionals check the /usr/local/bin and usr/local/sbin directories for third-party applications on a Unix machine. It's likely they will find insecure applications with permissions they don't need.