MandrakeSoft Information for VU#982616

KDE2 kdesu 'keep password' option does not verify socket listener potentially exposing su password

Status

Affected

Vendor Statement

http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-046.php3?dis=8.0

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.