Scientific Linux Security Update : kdebase on SL4.x, SL5.x i386/x86_64
Medium Nessus Plugin ID 60781
Synopsis
The remote Scientific Linux host is missing one or more security updates.
Description
A privilege escalation flaw was found in the KDE Display Manager (KDM). A local user with console access could trigger a race condition, possibly resulting in the permissions of an arbitrary file being set to world-writable, allowing privilege escalation.
The system should be rebooted for this update to take effect. After the reboot, administrators should manually remove all leftover user-owned dmctl-* directories in '/var/run/xdmctl/'.
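The post-reboot cleanup described above can be scripted. The following is an added example, not part of the plugin text or the vendor advisory; it assumes "user-owned" means owned by any UID other than root (0), and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: locate and remove leftover dmctl-* directories after the
# KDM update and reboot.
# Assumption: "user-owned" = owned by any UID other than the trusted one (root, 0).

XDMCTL_DIR=/var/run/xdmctl   # directory named in the advisory

# Print dmctl-* directories directly under $1 whose owner is not UID $2.
# find runs without -L and with -type d, so a symlink named dmctl-* is
# skipped and never followed.
list_leftover_dmctl() {
    dir=${1:-$XDMCTL_DIR}
    trusted_uid=${2:-0}
    [ -d "$dir" ] || return 0
    find "$dir" -mindepth 1 -maxdepth 1 -type d -name 'dmctl-*' \
        ! -uid "$trusted_uid" -print
}

# Remove the same set of directories. rm -rf does not follow symlinks found
# inside them; it only unlinks the link itself.
remove_leftover_dmctl() {
    dir=${1:-$XDMCTL_DIR}
    trusted_uid=${2:-0}
    [ -d "$dir" ] || return 0
    find "$dir" -mindepth 1 -maxdepth 1 -type d -name 'dmctl-*' \
        ! -uid "$trusted_uid" -exec rm -rf -- {} +
}

# Typical use as root, after the reboot:
#   list_leftover_dmctl      # review the list first
#   remove_leftover_dmctl    # then delete what was listed
```

Review the output of the listing function before running the removal, since anything it prints will be deleted recursively.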
Solution
Update the affected kdebase and / or kdebase-devel packages.