2000-07-12 04:00:00
mitre
PUBLISHED
The KDE kscd program does not drop privileges when executing a program specified in a users SHELL environmental variable, which allows the user to gain privileges by specifying an alternate program to execute.