FreeBSD : KDM -- local privilege escalation vulnerability (3987c5d1-47a9-11df-a0d5-0016d32f24fb)
Medium Nessus Plugin ID 45529
Synopsis
The remote FreeBSD host is missing one or more security-related updates.

Description
KDE Security Advisory reports:
KDM contains a race condition that allows local attackers to make arbitrary files on the system world-writeable. This can happen while KDM tries to create its control socket during user login. A local attacker with a valid local account can under certain circumstances make use of this vulnerability to execute arbitrary code as root.

Solution
Update the affected packages.