First published: Tue May 16 2000(Updated: )
The KDE kscd program does not drop privileges when executing a program specified in a user's SHELL environmental variable, which allows the user to gain privileges by specifying an alternate program to execute.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
KDE KDE | =2.0_beta | |
KDE KDE | =1.1.1 | |
KDE KDE | =1.1 | |
KDE KDE | =1.2 | |
=1.1 | ||
=1.1.1 | ||
=1.2 | ||
=2.0_beta |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.