First published: Mon Mar 26 2001(Updated: )
kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal passwords and gain privileges.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Conectiva Linux | =6.0 | |
Suse Suse Linux | =6.2 | |
Mandrakesoft Mandrake Linux | =7.2 | |
Mandrakesoft Mandrake Linux | =7.0 | |
Mandrakesoft Mandrake Linux Corporate Server | =1.0.1 | |
Mandrakesoft Mandrake Linux | =7.1 | |
Suse Suse Linux | =6.0 | |
Suse Suse Linux | =6.1 | |
Suse Suse Linux | =7.0 | |
Caldera Openlinux Edesktop | =2.4 | |
Suse Suse Linux | =6.3 | |
Suse Suse Linux | =6.4 | |
Mandrakesoft Mandrake Linux | =6.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.