COMMAND

    dxterm

SYSTEMS AFFECTED

    Ultrix 4.5 (4.5 and others?)

PROBLEM

    On ULTRIX 4.4, there's an enhanced xterm called dxterm.   Normally
    it's setuid.  dxterm allows users  to select a file to log  output
    to.  It's a trivial matter  to link this file to another  file and
    since  dxterm  is  running  as  root,  it's  very  easy  to append
    arbitrary data to  any file on  the filesystem, even  if not owned
    by the particular user.  It does not seem to follow symlinks.

    Credit goes to Trevor Schroeder.

SOLUTION

    Nothing much you can do.  Digital will give patch for this.