“A vulnerability exists in the handling of the DISPLAY variable,
in versions of Gnomelib shipped with S.u.S.E. Linux, version 6.3.
By supplying a long buffer containing machine executable code
in the DISPLAY environment variable, it is possible to execute
arbitrary code with the permissions of the user running the
binary. In the case of a setuid binary, it is possible to
obtain the privileges of the user it is setuid to. This in turn may
be used to elevate privileges, and in theory could result in local
root compromise.”
“S.u.S.E. 6.3 ships with 1 setgid application,
/opt/gnome/sbin/gnome-pty-helper, which is setgid tty. 6.4 ships
with setgid gnome games. The version of gnomelib included with
S.u.S.E. 6.4 is not vulnerable to this attack, however.”