blob: d1d0df32f0048365bee4f4a88c408a0ba4c0b384 [file] [log] [blame]
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200606-23">
<title>KDM: Symlink vulnerability</title>
<synopsis>
KDM is vulnerable to a symlink vulnerability that can lead to disclosure of
information.
</synopsis>
<product type="ebuild">kdebase, KDM</product>
<announced>June 22, 2006</announced>
<revised>June 24, 2006: 02</revised>
<bug>136201</bug>
<access>local</access>
<affected>
<package name="kde-base/kdebase" auto="yes" arch="*">
<unaffected range="ge">3.5.2-r2</unaffected>
<unaffected range="rge">3.4.3-r2</unaffected>
<vulnerable range="lt">3.5.2-r2</vulnerable>
</package>
<package name="kde-base/kdm" auto="yes" arch="*">
<unaffected range="ge">3.5.2-r1</unaffected>
<unaffected range="rge">3.4.3-r2</unaffected>
<vulnerable range="lt">3.5.2-r1</vulnerable>
</package>
</affected>
<background>
<p>
KDE is a feature-rich graphical desktop environment for Linux and
Unix-like Operating Systems. KDM is the KDE Display Manager and is part
of the kdebase package.
</p>
</background>
<description>
<p>
Ludwig Nussel discovered that KDM could be tricked into allowing users
to read files that would otherwise not be readable.
</p>
</description>
<impact type="normal">
<p>
A local attacker could exploit this issue to obtain potentially
sensitive information that is usually not accessable to the local user
such as shadow files or other user's files. The default Gentoo user
running KDM is root and, as a result, the local attacker can read any
file.
</p>
</impact>
<workaround>
<p>
There is no known workaround at this time.
</p>
</workaround>
<resolution>
<p>
All kdebase users should upgrade to the latest version:
</p>
<code>
# emerge --sync
# emerge --ask --oneshot --verbose kde-base/kdebase</code>
<p>
All KDE split ebuild users should upgrade to the latest KDM version:
</p>
<code>
# emerge --sync
# emerge --ask --oneshot --verbose kde-base/kdm</code>
</resolution>
<references>
<uri link="http://www.kde.org/info/security/advisory-20060614-1.txt">KDE Security Advisory: KDM symlink attack vulnerability</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2449">CVE-2006-2449</uri>
</references>
<metadata tag="submitter" timestamp="Wed, 14 Jun 2006 19:50:34 +0000">
jaervosz
</metadata>
<metadata tag="bugReady" timestamp="Sun, 18 Jun 2006 09:50:44 +0000">
jaervosz
</metadata>
</glsa>