Buffer overflow in the getConfig function in Aeon 0.2a and earlier allows local users to gain privileges via a long HOME environment variable.