gpm-root (part of the gpm packge) fails to drop gid 0 priviledges when executing user commands.
Comment
RH6.1: New version of usermode fixes security bug
Jan10
on January 10, 2000
at 10:55 pm
Posted In: Uncategorized
A security bug has been discovered and fixed in the userhelper program.
New packages of am-utils are available for all Red Hat Linux platforms. This version includes an important security fix for a buffer overrun problem which is being actively exploited on the Internet.