Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title KDENetwork vulnerability
Informations
Name USN-1114-1 First vendor Publication 2011-04-18
Vendor Ubuntu Last vendor Modification 2011-04-18
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:N/I:P/A:P)
Cvss Base Score 5.8 Attack Range Network
Cvss Impact Score 4.9 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 10.10 - Ubuntu 10.04 LTS - Ubuntu 9.10

Summary:

An attacker could overwrite files owned by the user if KGet opened a crafted metalink file.

Software Description: - kdenetwork: networking applications for KDE 4

Details:

It was discovered that KGet did not properly perform input validation when processing metalink files. If a user were tricked into opening a crafted metalink file, a remote attacker could overwrite files via directory traversal, which could eventually lead to arbitrary code execution.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 10.10:
kget 4:4.5.1-0ubuntu2.2

Ubuntu 10.04 LTS:
kget 4:4.4.5-0ubuntu1.1

Ubuntu 9.10:
kget 4:4.3.2-0ubuntu4.5

After a standard system update you need to restart KGet to make all the necessary changes.

References:
CVE-2011-1586

Package Information:
https://launchpad.net/ubuntu/+source/kdenetwork/4:4.5.1-0ubuntu2.2
https://launchpad.net/ubuntu/+source/kdenetwork/4:4.4.5-0ubuntu1.1
https://launchpad.net/ubuntu/+source/kdenetwork/4:4.3.2-0ubuntu4.5

Original Source

Url : http://www.ubuntu.com/usn/USN-1114-1

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:13898
 
Oval ID: oval:org.mitre.oval:def:13898
Title: USN-1114-1 -- kdenetwork vulnerability
Description: kdenetwork: networking applications for KDE 4 An attacker could overwrite files owned by the user if KGet opened a crafted metalink file.
Family: unix Class: patch
Reference(s): USN-1114-1
CVE-2011-1586
Version: 5
Platform(s): Ubuntu 10.10
Ubuntu 9.10
Ubuntu 10.04
Product(s): kdenetwork
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21934
 
Oval ID: oval:org.mitre.oval:def:21934
Title: RHSA-2011:0465: kdenetwork security update (Important)
Description: Directory traversal vulnerability in the KGetMetalink::File::isValidNameAttr function in ui/metalinkcreator/metalinker.cpp in KGet in KDE SC 4.6.2 and earlier allows remote attackers to create arbitrary files via a .. (dot dot) in the name attribute of a file element in a metalink file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-1000.
Family: unix Class: patch
Reference(s): RHSA-2011:0465-01
CVE-2011-1586
Version: 4
Platform(s): Red Hat Enterprise Linux 6
Product(s): kdenetwork
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23429
 
Oval ID: oval:org.mitre.oval:def:23429
Title: ELSA-2011:0465: kdenetwork security update (Important)
Description: Directory traversal vulnerability in the KGetMetalink::File::isValidNameAttr function in ui/metalinkcreator/metalinker.cpp in KGet in KDE SC 4.6.2 and earlier allows remote attackers to create arbitrary files via a .. (dot dot) in the name attribute of a file element in a metalink file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-1000.
Family: unix Class: patch
Reference(s): ELSA-2011:0465-01
CVE-2011-1586
Version: 6
Platform(s): Oracle Linux 6
Product(s): kdenetwork
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27759
 
Oval ID: oval:org.mitre.oval:def:27759
Title: DEPRECATED: ELSA-2011-0465 -- kdenetwork security update (important)
Description: [7:4.3.4-11.1] - CVE-2010-1000, improper sanitization of metalink attribute for downloading files
Family: unix Class: patch
Reference(s): ELSA-2011-0465
CVE-2011-1586
Version: 4
Platform(s): Oracle Linux 6
Product(s): kdenetwork
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 70

OpenVAS Exploits

Date Description
2012-06-06 Name : RedHat Update for kdenetwork RHSA-2011:0465-01
File : nvt/gb_RHSA-2011_0465-01_kdenetwork.nasl
2011-05-10 Name : Ubuntu Update for kdenetwork USN-1114-1
File : nvt/gb_ubuntu_USN_1114_1.nasl
2011-05-06 Name : Mandriva Update for kdenetwork4 MDVSA-2011:081 (kdenetwork4)
File : nvt/gb_mandriva_MDVSA_2011_081.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
74943 KDE KGet ui/metalinkcreator/metalinker.cpp KGetMetalink::File::isValidNameAtt...

Nessus® Vulnerability Scanner

Date Description
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0465.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110421_kdenetwork_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2011-06-13 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1114-1.nasl - Type : ACT_GATHER_INFO
2011-05-03 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2011-081.nasl - Type : ACT_GATHER_INFO
2011-04-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0465.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2014-02-17 11:58:31
  • Multiple Updates