Debian Security Advisory DSA 815-1 - Ilja van Sprundel discovered a serious lock file handling error in kcheckpass that can, in some configurations, be used to gain root access.
b155825f61d54781f87768ef4356bafdbe992c04e8ff2d5b30a1c6e01f40c8da
Suresec Security Advisory - A lockfile handling error was found in kcheckpass which can, in certain configurations, be used to create world writable files. kdebase versions 3.2.0 through 3.4.2 are susceptible.
a3aa3af306ee8b641cb1cb6ed4cf51efb1c6a63968d144463c1c600707cd4c6e
Ubuntu Security Notice USN-176-1 - Ilja van Sprundel discovered a flaw in the lock file handling of kcheckpass. A local attacker could exploit this to execute arbitrary code with root privileges.
b419e916d6eaef50b8207c2fddbe8550191cd454338f309985dd513d0f2b8933
KDE Security Advisory: Ilja van Sprundel from suresec.org notified the KDE security team about a serious lock file handling error in kcheckpass that can, in some configurations, be used to gain root access. In order for an exploit to succeed, the directory /var/lock has to be writeable for a user that is allowed to invoke kcheckpass. Affected are all KDE releases starting from KDE 3.2.0 up to including KDE 3.4.2.
e4126780e1718411fc8d987b510d320c1017a094f233983191e32430a74092d1