CVE-2007-4432 Information

Description

Untrusted search path vulnerability in the wrapper scripts for the (1) rug (2) zen-updater (3) zen-installer and (4) zen-remover programs on SUSE Linux 10.1 and Enterprise 10 allows local users to gain privileges via modified (a) LD_LIBRARY_PATH and (b) MONO_GAC_PREFIX environment variables.

Reference

http://osvdb.org/46781 http://osvdb.org/46782 http://osvdb.org/46783 http://osvdb.org/46784 http://secunia.com/advisories/26543 http://www.novell.com/linux/security/advisories/2007_17_sr.html