The libXm library in LessTif 0.95.0 and earlier allows local users to gain privileges via the DEBUG_FILE environment variable, which is used to create world-writable files when libXm is run from a setuid program. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4124
donnie, you touched this the last time, could you bump it?
There's currently no known patch for this on upstream sites, or anywhere at all in security sites. [07:45] <redpig> it looks like gentoo's build uses --enable-production [07:46] <redpig> I haven't looked at the source but *supposedly* that'll disable DEBUG_FILE there's the rare cass that people decide to use EXTRA_ECONF to pass a disable flag in but.. Anyways, until we can get a patch for this one I say mask/punt the sucker.
Agree with Chris -- we aren't susceptible. Verified in the source. For anyone else who cares to duplicate, track LESSTIF_PRODUCTION from configure.in to ./include/LTconfig.h.in to ./lib/Xm-2.1/DebugUtil.c.
I don't think we support all EXTRA_ECONF scenarios so I'm closing this one as invalid.
