[40221] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[ Suresec Advisories ] - Kcheckpass file creation vulnerability

daemon@ATHENA.MIT.EDU (Suresec Advisories)
Wed Sep 7 14:05:55 2005

Message-ID: <431F2340.2080304@suresec.org>
Date: Wed, 07 Sep 2005 19:28:32 +0200
From: Suresec Advisories <advisories@suresec.org>
MIME-Version: 1.0
To: full-disclosure@lists.grok.org.uk, bugtraq@securityfocus.com
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit

Suresec Security Advisory  - #00006
05/09/05

Kcheckpass file creation vulnerability
Advisory: http://www.suresec.org/advisories/adv6.pdf

Description:

A lockfile handling error was found in kcheckpass which can,
in certain configurations be used to create world writable files.

Exploitation of this vulnerability may lead to elevated privileges .

The vulnerability was discovered by Ilja van Sprundel.


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[40221] in bugtraq

[ Suresec Advisories ] - Kcheckpass file creation vulnerability

daemon@ATHENA.MIT.EDU (Suresec Advisories)Wed Sep 7 14:05:55 2005

daemon@ATHENA.MIT.EDU (Suresec Advisories)
Wed Sep 7 14:05:55 2005