COMMAND

    ksh(1)

SYSTEMS AFFECTED

    Systems running ksh(1) version 11/16/88a.

PROBLEM

    suid_exec can be used to execute arbitrary programs as root.

    suid_exec checks permissions on files  in a poor manner, and  does
    not verify the interpreter used in a secure fashion.

SOLUTION

    Obtain patch from your vendor.
    Remove set bit from suid_exec in the interim.