Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
[Full-disclosure] rPSA-2006-0106-1 kdebase
From: Justin M. Forbes (jmforbesrpath.com)
Date: Thu Jun 15 2006 - 14:01:16 CDT
rPath Security Advisory: 2006-0106-1
Products: rPath Linux 1
Exposure Level Classification:
Local Root Deterministic Information Exposure
KDM allows the user to select the session type for login. This setting
is stored in the user home directory. Previous versions of KDM will
follow a symbolic link and can thus disclose the contents of any file
on the system (such as /etc/shadow) to arbitrary users. KDM is not the
default window manager on rPath Linux.
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/