CVE-2003-0262

Name of the Vulnerable Software and Affected Versions leksbot version 1.2.3

Description The issue concerns multiple vulnerabilities in the leksbot package of the Debian GNU/Linux operating system. These vulnerabilities can be exploited to compromise the confidentiality, integrity, and availability of protected information. Specifically, the leksbot package installs KATAXWR as setuid root, allowing local users to gain root privileges by exploiting unknown vulnerabilities related to the escalated privileges that KATAXWR is not designed to have.

Recommendations For leksbot version 1.2.3, consider removing the setuid root bit from KATAXWR to prevent local users from gaining root privileges until a patch is available. As a temporary workaround, restrict access to the KATAXWR utility to minimize the risk of exploitation.