Source: Help Net Security
by Zeljka Zorz
In this article “A zero-day vulnerability affecting the last version of Backtrack Linux has been spotted by a student during an Ethical Hacking class organized by the InfoSec Institute.
The discovery was made public on InfoSec’s own website and detailed by the student himself, who says that the Wireless Interface Connection Daemon (WICD) Backtrack components has several design flaws that can be misused to execute a privilege escalation exploit.
“Improper sanitization of the inputs in the WICD’s DBUS interfaces allows an attacker to (semi)arbitrarily write configuration options in WICD’s ‘wireless-settings.conf’ file, including but not limited to defining scripts (executables actually) to execute upon various internal events (for instance upon connecting to a wireless network),” he explained. “