Frank Meurer <[EMAIL PROTECTED]> writes: > FYI Fix already posted, security package update come in few minutes. > /usr/bin/kdesud has DISPLAY enviroment variable overflow. > tested on Mandrake 7.02 (Air), exploit will get you gid=0 > Shameless self promotion: Any security related job in Istanbul/Turkey -- MandrakeSoft Inc http://www.mandrakesoft.com In travel. --Chmouel
- [Cooker] KDE: /usr/bin/kdesud, gid = 0 exploit (fwd) Frank Meurer
- Chmouel Boudjnah