<<< Date Index >>>     <<< Thread Index >>>

[ Suresec Advisories ] - Kcheckpass file creation vulnerability



Suresec Security Advisory  - #00006
05/09/05

Kcheckpass file creation vulnerability
Advisory: http://www.suresec.org/advisories/adv6.pdf

Description:

A lockfile handling error was found in kcheckpass which can,
in certain configurations be used to create world writable files.

Exploitation of this vulnerability may lead to elevated privileges .

The vulnerability was discovered by Ilja van Sprundel.