From: Christer Öberg
To: BUGTRAQ@SECURITYFOCUS.COM
Subject: BubbleMon 1.31
Date: Mon, 16 Apr 2001 01:12:53 +0200

VULNERABILITY DESCRIPTION

Users can execute programs or shell scripts by clicking on the bubblemon app. bubblemon is installed sgid kmem on FreeBSD and does not drop its egid before executing programs, so they run with egid kmem.

VERSIONS AFFECTED

All versions of BubbleMon up to 1.32 installed on FreeBSD.

EXAMPLE

$ id
uid=1000(christer) gid=1000(christer) groups=1000(christer)
$ bubblemon id
uid=1000(christer) gid=1000(christer) egid=2(kmem) groups=2(kmem), 1000(christer)

FIX

Get the new fixed version, BubbleMon 1.32, from http://www.ne.jp/asahi/linux/timecop
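
The missing step described above, as an added example that is not BubbleMon's code and not the actual 1.32 patch: a set-group-ID program gives up its extra group in the child before running a user-supplied command. The function names drop_group_privileges and run_user_command are hypothetical, and running the command through /bin/sh -c is an assumption.

```c
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Permanently discard a set-group-ID identity such as kmem.
 * Returns 0 on success, -1 if the drop failed or can be undone. */
int drop_group_privileges(void)
{
    gid_t real = getgid();
    gid_t priv = getegid();

    /* Setting the real gid makes the kernel reset the saved gid too. */
    if (setregid(real, real) != 0)
        return -1;
    if (getgid() != real || getegid() != real)
        return -1;
    /* If the old egid can be restored, the drop was not permanent. */
    if (priv != real && setegid(priv) == 0)
        return -1;
    return 0;
}

/* Hypothetical click handler: run a user-supplied command with the
 * user's own credentials. Returns its exit status, or -1 on error. */
int run_user_command(const char *cmd)
{
    int status;
    pid_t pid = fork();

    if (pid < 0)
        return -1;
    if (pid == 0) {
        /* Child: never reach exec while still holding the extra gid. */
        if (drop_group_privileges() != 0)
            _exit(126);
        execl("/bin/sh", "sh", "-c", cmd, (char *)NULL);
        _exit(127);                 /* exec failed */
    }
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}

int main(int argc, char **argv)
{
    return run_user_command(argc > 1 ? argv[1] : "id");
}
```

Because the drop happens only in the forked child, the parent keeps its kmem access for reading kernel statistics while the command it launches sees only the invoking user's gid.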