Intersystems Cache' local root exploit. Larry W. Cashdollar http://vapid.dhs.org Because of poor default file and directory permissions a localuser can execute code as root via the cache CSP interpreter.

---

Attempting to overwrite /etc/passwd with cache::0:0:root:/root:/bin/bash.