Graphical Network Simulator 3 is a popular package for building and designing networks. We recently discovered that the Mac OS-X version bundles a setuid root binary file “ubridge” which is used to bridge network interfaces. This binary does not perform any permission dropping and retains root privileges throughout its operation, this allows for trivial attacks such as reading files from the command line with “-f”. Reading files as root is useful,

https://www.myhackerhouse.com/gns-3-ubridge-local-privilege-escalation-attack-0day/