CERT VU:32448
May 30, 2001 - 12:00 a.m.

Due to insecure creation of configuration files via KApplication-class, local users can create arbitrary files when running setuid root KDE programs

2001-05-30 00:00:00
www.kb.cert.org

CVSS2: 7.2
Attack Vector: LOCAL
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
EPSS: 0
Percentile: 0.4%

Overview

KApplication-class, a class used to create KDE applications, creates configuration files without checking for proper ownership or prior existence.

Description

KApplication-class, a class used to create KDE applications, creates configuration files. These files are created in a local directory and named predictably based on the KDE application name. The CREAT call does not check for prior existence or proper ownership.
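The two checks the Description says are missing (prior existence and ownership), written as a C helper. This is an added example, not KDE's code or the vendor's patch; `open_config_safely`, `demo` and the `/tmp/kcfg-demo-*` paths are hypothetical names constructed for illustration.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper. Returns a writable fd for the config file or -1.
 * owner: uid the file must belong to (getuid(), the real uid, if setuid). */
int open_config_safely(const char *path, uid_t owner)
{
    struct stat st;
    /* O_EXCL: fail with EEXIST if anything, even a symlink, is already there. */
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
    if (fd >= 0 || errno != EEXIST) return fd;
    /* Pre-existing entry: O_NOFOLLOW refuses a symlink; fstat then checks the
     * object actually opened, so the check cannot race a later path swap. */
    fd = open(path, O_WRONLY | O_NOFOLLOW | O_NONBLOCK);
    if (fd < 0) return -1;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) ||
        st.st_uid != owner || st.st_nlink != 1) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Constructed scenario in a fresh temp directory. Result bits: 1 = planted symlink
 * refused, 2 = new file created, 4 = own file reopened, 8 = link target never created. */
int demo(void)
{
    char dir[] = "/tmp/kcfg-demo-XXXXXX", victim[64], lnk[64], fresh[64];
    struct stat st; int r = 0, fd;
    if (!mkdtemp(dir)) return -1;
    snprintf(victim, sizeof victim, "%s/victim", dir);
    snprintf(lnk, sizeof lnk, "%s/apprc", dir);
    snprintf(fresh, sizeof fresh, "%s/otherrc", dir);
    if (symlink(victim, lnk) != 0) return -1;
    fd = open_config_safely(lnk, getuid());
    if (fd < 0) r |= 1; else close(fd);
    if (lstat(victim, &st) != 0) r |= 8;
    fd = open_config_safely(fresh, getuid());
    if (fd >= 0) { r |= 2; close(fd); }
    fd = open_config_safely(fresh, getuid());
    if (fd >= 0) { r |= 4; close(fd); }
    unlink(lnk); unlink(fresh); rmdir(dir);
    return r;
}
```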


Impact

Using a symlink attack, an attacker may cause corruption of any file writable by the user of the application. If the application is setuid root, an attacker may cause corruption of any file in the system.


Solution

Contact vendor for patches.


The system administrator could create configuration files for common applications, appropriately named and protected, to forestall the symlink attack, but this would not be a robust fix and may need to be reapplied frequently.


Vendor Information

RedHat: Affected

Notified: June 05, 2000 Updated: May 29, 2001

Status

Affected

Vendor Statement

<http://www.linuxsecurity.com/advisories/redhat_advisory-470.html>

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%2332448 Feedback>).

Acknowledgements

The initial report of this vulnerability was made by Sebastian Krahmer.

This document was last modified by Tim Shimeall.

Other Information

CVE IDs: CVE-2000-0530
Severity Metric: 3.79
Date Public:
