Executive Summary
| Summary | |
|---|---|
| Title | kdebase security update |
| Informations | |||
|---|---|---|---|
| Name | RHSA-2006:0548 | First vendor Publication | 2006-06-14 |
| Vendor | RedHat | Last vendor Modification | 2006-06-14 |
| Severity (Vendor) | Important | Revision | 01 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:L/AC:H/Au:N/C:C/I:N/A:N) | |||
|---|---|---|---|
| Cvss Base Score | 4 | Attack Range | Local |
| Cvss Impact Score | 6.9 | Attack Complexity | High |
| Cvss Expoit Score | 1.9 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Problem Description: Updated kdebase packages that correct a security flaw in kdm are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: The kdebase packages provide the core applications for KDE, the K Desktop Environment. These core packages include the KDE Display Manager (KDM). Ludwig Nussel discovered a flaw in KDM. A malicious local KDM user could use a symlink attack to read an arbitrary file that they would not normally have permissions to read. (CVE-2006-2449) Note: this issue does not affect the version of KDM as shipped with Red Hat Enterprise Linux 2.1 or 3. All users of KDM should upgrade to these updated packages which contain a backported patch to correct this issue. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 194581 - CVE-2006-2449 kdm file disclosure |
Original Source
| Url : https://rhn.redhat.com/errata/RHSA-2006-0548.html |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:9844 | |||
| Oval ID: | oval:org.mitre.oval:def:9844 | ||
| Title: | KDE Display Manager (KDM) in KDE 3.2.0 up to 3.5.3 allows local users to read arbitrary files via a symlink attack related to the session type for login. | ||
| Description: | KDE Display Manager (KDM) in KDE 3.2.0 up to 3.5.3 allows local users to read arbitrary files via a symlink attack related to the session type for login. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2006-2449 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
OpenVAS Exploits
| Date | Description |
|---|---|
| 2008-09-24 | Name : Gentoo Security Advisory GLSA 200606-23 (kdebase, KDM) File : nvt/glsa_200606_23.nasl |
| 2008-01-17 | Name : Debian Security Advisory DSA 1156-1 (kdebase) File : nvt/deb_1156_1.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 26511 | KDE KDM Login Sesson Type Symlink Arbitrary File Read KDM contains a flaw that may allow a malicious local user to read any files on the system. The issue is due to the 'ReadDmrc()' function reading temporary files insecurely. It is possible for a user to use a symlink style attack to read arbitrary files, resulting in a loss of confidentiality. |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2007-11-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-301-1.nasl - Type : ACT_GATHER_INFO |
| 2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_kdebase3-kdm-1609.nasl - Type : ACT_GATHER_INFO |
| 2007-02-18 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2006_039.nasl - Type : ACT_GATHER_INFO |
| 2007-01-17 | Name : The remote Fedora Core host is missing a security update. File : fedora_2006-725.nasl - Type : ACT_GATHER_INFO |
| 2007-01-17 | Name : The remote Fedora Core host is missing a security update. File : fedora_2006-726.nasl - Type : ACT_GATHER_INFO |
| 2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1156.nasl - Type : ACT_GATHER_INFO |
| 2006-07-05 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2006-0548.nasl - Type : ACT_GATHER_INFO |
| 2006-06-28 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2006-178-01.nasl - Type : ACT_GATHER_INFO |
| 2006-06-23 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200606-23.nasl - Type : ACT_GATHER_INFO |
| 2006-06-16 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2006-105.nasl - Type : ACT_GATHER_INFO |
| 2006-06-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2006-0548.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:50:04 |
|
