Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/glsa-200606-23.xml
blob: d1d0df32f0048365bee4f4a88c408a0ba4c0b384 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">

<glsa id="200606-23">
  <title>KDM: Symlink vulnerability</title>
  <synopsis>
    KDM is vulnerable to a symlink vulnerability that can lead to disclosure of
    information.
  </synopsis>
  <product type="ebuild">kdebase, KDM</product>
  <announced>June 22, 2006</announced>
  <revised>June 24, 2006: 02</revised>
  <bug>136201</bug>
  <access>local</access>
  <affected>
    <package name="kde-base/kdebase" auto="yes" arch="*">
      <unaffected range="ge">3.5.2-r2</unaffected>
      <unaffected range="rge">3.4.3-r2</unaffected>
      <vulnerable range="lt">3.5.2-r2</vulnerable>
    </package>
    <package name="kde-base/kdm" auto="yes" arch="*">
      <unaffected range="ge">3.5.2-r1</unaffected>
      <unaffected range="rge">3.4.3-r2</unaffected>
      <vulnerable range="lt">3.5.2-r1</vulnerable>
    </package>
  </affected>
  <background>
    <p>
    KDE is a feature-rich graphical desktop environment for Linux and
    Unix-like Operating Systems. KDM is the KDE Display Manager and is part
    of the kdebase package.
    </p>
  </background>
  <description>
    <p>
    Ludwig Nussel discovered that KDM could be tricked into allowing users
    to read files that would otherwise not be readable.
    </p>
  </description>
  <impact type="normal">
    <p>
    A local attacker could exploit this issue to obtain potentially
    sensitive information that is usually not accessable to the local user
    such as shadow files or other user's files. The default Gentoo user
    running KDM is root and, as a result, the local attacker can read any
    file.
    </p>
  </impact>
  <workaround>
    <p>
    There is no known workaround at this time.
    </p>
  </workaround>
  <resolution>
    <p>
    All kdebase users should upgrade to the latest version:
    </p>
    <code>
    # emerge --sync
    # emerge --ask --oneshot --verbose kde-base/kdebase</code>
    <p>
    All KDE split ebuild users should upgrade to the latest KDM version:
    </p>
    <code>
    # emerge --sync
    # emerge --ask --oneshot --verbose kde-base/kdm</code>
  </resolution>
  <references>
    <uri link="http://www.kde.org/info/security/advisory-20060614-1.txt">KDE Security Advisory: KDM symlink attack vulnerability</uri>
    <uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2449">CVE-2006-2449</uri>
  </references>
  <metadata tag="submitter" timestamp="Wed, 14 Jun 2006 19:50:34 +0000">
    jaervosz
  </metadata>
  <metadata tag="bugReady" timestamp="Sun, 18 Jun 2006 09:50:44 +0000">
    jaervosz
  </metadata>
</glsa>