First posted to bugtraq by Andre Cruz <afafc@CAMOES.RNL.IST.UTL.PT> on February 18, 1999.
S.u.S.E. Linux 6.0
xtvscreen is a screen capture utility shipped with SuSE Linux 6. It's supposed to create files in it's working directory to store the captured images. Unfortunately, it will also follow symlinks. Since xtvscreen is suid root by default, it will overwrite any file on the system.
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: firstname.lastname@example.org.
The quickest way to solve the problem is to chmod -s xtvscreen.