Debian Security Advisory

kdebase -- buffer overflow in klock, kvt saves config as root

Date Reported:
30 May 1998
Affected Packages:
Security database references:
No other external database security references currently available.
More information:

We have received a report that one can use a simple buffer overflow exploit to gain access to the group shadow on systems running klock. There was also a problem in kvt which saved its configuration as root and not as regular user.

We recommend you upgrade your kdebase package immediately.

Fixed in:
Intel - (in release 1.3) Beta 2-2.3 All - (in release 2.0) 980312-8