found 475733 1.0.5-6
thanks
> * Dropped 05_setuid.diff as it can cause a root exploit. (Closes: #475733)
This is not enough, because it still has a saved set-user-ID and is
exploitable:
> The package has a setuid binary acon. The binary never drops setuid. The
> source code contains the following lines: (acon.c)
>
> char tmp[300];
> ...
> if((env=getenv("HOME")))
> sprintf(tmp,"%s/.acon.conf",env);
>
> This can be easily exploited by a long $HOME.
Helmut
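
An added example, not part of this message or of the acon source: one way a set-user-ID program can give up its privileges for good, saved set-user-ID included, and build the `$HOME` path with a bounded write. The function names are hypothetical; only the `tmp[300]` buffer and the `%s/.acon.conf` format come from the quoted code.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper: drop set-user-ID/set-group-ID privileges permanently.
 * Returns 0 on success, -1 if any privileged ID could still be reached. */
int drop_privileges_permanently(void)
{
    uid_t ruid = getuid(), old_euid = geteuid();
    gid_t rgid = getgid(), old_egid = getegid();

    /* Group first: after the user ID is dropped we may not be allowed to. */
    if (setgid(rgid) != 0 || setuid(ruid) != 0)
        return -1;
    /* setuid() clears the saved set-user-ID only for a privileged caller.
     * If the old IDs can be restored, a saved ID survived. Root can always
     * switch IDs, so the probe is meaningful only for a non-root caller. */
    if (ruid != 0) {
        if (old_egid != rgid && setegid(old_egid) == 0)
            return -1;
        if (old_euid != ruid && seteuid(old_euid) == 0)
            return -1;
    }
    return (geteuid() == ruid && getegid() == rgid) ? 0 : -1;
}

/* Bounded replacement for sprintf(tmp, "%s/.acon.conf", env).
 * Returns 0 on success, -1 if home is NULL or the path does not fit. */
int build_conf_path(char *out, size_t outlen, const char *home)
{
    if (home == NULL || outlen == 0)
        return -1;
    int n = snprintf(out, outlen, "%s/.acon.conf", home);
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
}

int main(void)
{
    char tmp[300];
    if (drop_privileges_permanently() != 0)
        return 1; /* refuse to continue with any privilege left */
    if (build_conf_path(tmp, sizeof tmp, getenv("HOME")) != 0)
        return 1; /* over-long or missing $HOME: reject, do not truncate */
    printf("config path: %s\n", tmp);
    return 0;
}
```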