kdesu program in KDE2 (KDE prior to 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal passwords and gain privileges.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
conectiva linux 6.0 |
||
mandrakesoft mandrake linux corporate server 1.0.1 |
||
suse suse linux 6.0 |
||
mandrakesoft mandrake linux 6.1 |
||
mandrakesoft mandrake linux 7.0 |
||
suse suse linux 6.3 |
||
suse suse linux 6.4 |
||
mandrakesoft mandrake linux 7.1 |
||
mandrakesoft mandrake linux 7.2 |
||
suse suse linux 7.0 |
||
caldera openlinux edesktop 2.4 |
||
suse suse linux 6.1 |
||
suse suse linux 6.2 |