2nd Apr 2002 [SBWID-5223]
COMMAND
shared library attacks using bad LD_LIBRARY_PATH
SYSTEMS AFFECTED
OpenLinux Server 3.1.1 All packages previous to kdeconfig-20011203-2
OpenLinux Workstation 3.1.1 All packages previous to kdeconfig-20011203-2
PROBLEM
In Caldera Security Advisory CSSA-2002-005.0, the startkde script will
set the LD_LIBRARY_PATH environment variable to \" /opt/kde2/lib:\"
which includes the current working directory in the library search
path. This exposes users to shared library attacks.
SOLUTION
Upgrade to latest package.
TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2025 AOH
