CVE-2008-2378 Information

Description

Untrusted search path vulnerability in hfkernel in hf 0.7.3 and 0.8 allows local users to gain privileges via a Trojan horse killall program in a directory in the PATH related to improper handling of the -k option.

Reference

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504182 http://osvdb.org/50231 http://secunia.com/advisories/32831 http://secunia.com/advisories/32855 http://www.debian.org/security/2008/dsa-1668 http://www.securityfocus.com/bid/32421 https://exchange.xforce.ibmcloud.com/vulnerabilities/46806