- Package name
- Advisory ID
- Affected versions
- 8.1 i586
A packaging problem that can lead to a root compromise existed in the expect package as provided in Mandrake Linux 8.1. expect would look for libraries in the directory /home/snailtalk/tmp/tcltk-root/usr/lib before any other and if such a user existed on the system, with rogue libraries, if root were to execute expect, a compromise could occur.
ae0c68032ee45c214fb7335ebb4dcd0d 8.1/RPMS/expect-8.3.3-9.1mdk.i586.rpm 9a9f9a5ca12504bbc45bff29a1029540 8.1/SRPMS/tcltk-8.3.3-9.1mdk.src.rpm