7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
6.2 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
26.6%
kcheckpass in KDE 3.2.0 up to 3.4.2 allows local users to gain root access via a symlink attack on lock files.
ftp://ftp.kde.org/pub/kde/security_patches/post-3.4.2-kdebase-kcheckpass.diff
marc.info/?l=bugtraq&m=112603999215453&w=2
marc.info/?l=bugtraq&m=112611555928169&w=2
secunia.com/advisories/16692
secunia.com/advisories/18139
secunia.com/advisories/21481
www.debian.org/security/2005/dsa-815
www.kde.org/info/security/advisory-20050905-1.txt
www.mandriva.com/security/advisories?name=MDKSA-2005:160
www.redhat.com/support/errata/RHSA-2006-0582.html
www.securityfocus.com/bid/14736
www.suresec.org/advisories/adv6.pdf
www.ubuntu.com/usn/usn-176-1
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9388