Buffer overflow in XShisen prior to 1.36 allows local users to execute arbitrary code via a long GECOS field.
xshisen xshisen