A vulnerability has been found and corrected in banshee: The banshee-1 and muinshee scripts in Banshee 1.8.0 and earlier place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory . Packages for 2009.0 are provided as of the Extended Maintenance Program