Vulnerabilities > CVE-2002-0512 - Unspecified vulnerability in Caldera Openlinux Server and Openlinux Workstation

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

caldera

NVD

Published: 2002-08-12

Updated: 2008-09-05

Summary

startkde in KDE for Caldera OpenLinux 2.3 through 3.1.1 sets the LD_LIBRARY_PATH environment variable to include the current working directory, which could allow local users to gain privileges of other users running startkde via Trojan horse libraries.

Vulnerable Configurations

Part	Description	Count
Application	Caldera Caldera Openlinux Server 3.1.1 Caldera Openlinux Workstation 3.1.1	2

References

http://www.calderasystems.com/support/security/advisories/CSSA-2002-005.0.txt
http://www.iss.net/security_center/static/8737.php
http://www.securityfocus.com/bid/4400