iDEFENSE Security Advisory 08.25.04-2 – Exploitation of a buffer overflow in the libDtHelp library included with CDE can allow local attackers to gain root privileges. The vulnerability specifically exists due to a lack of bounds checking on the LOGNAME environment variable. Local attackers can specify a long LOGNAME to trigger a buffer overflow in any application linked with libDtHelp. The overflow is activated once the help subsystem is accessed by selecting any option under the Help menu.
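The bug class described above, shown as an added example that is not code from the advisory or from libDtHelp: a copy whose length is set by the LOGNAME environment variable, beside a bounded form that rejects an over-long value instead of truncating it. The function names and the 64-byte buffer size are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define NAME_BUF 64   /* constructed size; the advisory gives no buffer size */

/* Unsafe pattern (hypothetical, illustrating the bug class): the number of
 * bytes written is decided by the environment, not by the destination. */
void logname_unchecked(char *dst)
{
    const char *v = getenv("LOGNAME");
    if (v != NULL)
        strcpy(dst, v);              /* no bounds check on LOGNAME */
}

/* Bounded form (hypothetical helper): returns 0 on success, -1 if LOGNAME
 * is unset, empty, or does not fit in dst including the terminator. */
int logname_checked(char *dst, size_t dstlen)
{
    const char *v;
    size_t n;

    if (dst == NULL || dstlen == 0)
        return -1;
    dst[0] = '\0';                   /* defined result on every failure path */
    v = getenv("LOGNAME");
    if (v == NULL)
        return -1;
    n = strnlen(v, dstlen);          /* never scans more than dstlen bytes */
    if (n == 0 || n >= dstlen)
        return -1;                   /* reject rather than silently truncate */
    memcpy(dst, v, n + 1);           /* n + 1 <= dstlen, includes the NUL */
    return 0;
}

int main(void)
{
    char name[NAME_BUF];

    if (logname_checked(name, sizeof name) != 0) {
        fputs("LOGNAME unset, empty or too long\n", stderr);
        return 1;
    }
    printf("user: %s\n", name);
    return 0;
}
```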
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/34169/08.25.04-2.txt
Source: https://packetstormsecurity.com/files/34169/iDEFENSE-Security-Advisory-2004-08-25.2.html

