Privilege Escalation via LD_LIBRARY_PATH in startkde

Privilege Escalation via LD_LIBRARY_PATH in startkde

CVE-2002-0512 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

startkde in KDE for Caldera OpenLinux 2.3 through 3.1.1 sets the LD_LIBRARY_PATH environment variable to include the current working directory, which could allow local users to gain privileges of other users running startkde via Trojan horse libraries.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.