Buffer overflow in les for ATM on Linux (linux-atm) prior to 2.4.1, if used setuid, allows local users to gain privileges via a long -f command line argument.
source: wwwsecurityfocuscom/bid/7437/info
The linux-atm 'les' executable has been reported prone to a buffer overflow vulnerability
This issue is due to a lack of sufficient bounds checking performed on data supplied via specific command line arguments to the 'les' executable Excessive data may overrun the bounds of an internal memory ...