Debian DSA-2037-1 : kdm (kdebase) - race condition
Medium Nessus Plugin ID 45559
SynopsisThe remote Debian host is missing a security-related update.
DescriptionSebastian Krahmer discovered that a race condition in the KDE Desktop Environment's KDM display manager, allow a local user to elevate privileges to root.
SolutionUpgrade the kdm package.
For the stable distribution (lenny), this problem has been fixed in version 4:3.5.9.dfsg.1-6+lenny1.