[CVE-2008-2378] - Untrusted search path vulnerability in hfkernel in hf 0.7.3 and 0.8 allows local users to gain privileges via a Trojan horse
Bug #320082 reported by
Stefan Lesicnik
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
hf (Ubuntu) |
Fix Released
|
High
|
Unassigned | ||
Dapper |
Fix Released
|
High
|
Stefan Lesicnik | ||
Gutsy |
Fix Released
|
High
|
Stefan Lesicnik | ||
Hardy |
Fix Released
|
High
|
Stefan Lesicnik | ||
Intrepid |
Fix Released
|
High
|
Stefan Lesicnik |
Bug Description
Binary package hint: hf
Untrusted search path vulnerability in hfkernel in hf 0.7.3 and 0.8 allows local users to gain privileges via a Trojan horse killall program in a directory in the PATH, related to improper handling of the -k option.
CVE References
To post a comment you must log in.
Will post test case later this evening.