ID OPENVAS:53913 Type openvas Reporter Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com Modified 2017-07-07T00:00:00
Description
The remote host is missing an update as announced
via advisory SSA:2004-247-01.
# OpenVAS Vulnerability Test
# $Id: esoft_slk_ssa_2004_247_01.nasl 6598 2017-07-07 09:36:44Z cfischer $
# Description: Auto-generated from the corresponding slackware advisory
#
# Authors:
# Thomas Reinke <reinke@securityspace.com>
#
# Copyright:
# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com
# Text descriptions are largely excerpted from the referenced
# advisory, and are Copyright (c) the respective author(s)
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2,
# or at your option, GNU General Public License version 3,
# as published by the Free Software Foundation
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
include("revisions-lib.inc");
tag_insight = "New kdelibs and kdebase packages are available for Slackware 9.1, 10.0,
and -current to fix security issues.";
tag_summary = "The remote host is missing an update as announced
via advisory SSA:2004-247-01.";
tag_solution = "https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2004-247-01";
if(description)
{
script_id(53913);
script_tag(name:"creation_date", value:"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)");
script_tag(name:"last_modification", value:"$Date: 2017-07-07 11:36:44 +0200 (Fri, 07 Jul 2017) $");
script_cve_id("CVE-2004-0689", "CVE-2004-0690", "CVE-2004-0721", "CVE-2004-0746");
script_tag(name:"cvss_base", value:"7.5");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_version("$Revision: 6598 $");
name = "Slackware Advisory SSA:2004-247-01 kde ";
script_name(name);
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com");
script_family("Slackware Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/slackware_linux", "ssh/login/slackpack");
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "insight" , value : tag_insight);
script_tag(name : "summary" , value : tag_summary);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
#
# The script code starts here
#
include("pkg-lib-slack.inc");
vuln = 0;
if(isslkpkgvuln(pkg:"kdebase", ver:"3.1.4-i486-2", rls:"SLK9.1")) {
vuln = 1;
}
if(isslkpkgvuln(pkg:"kdelibs", ver:"3.1.4-i486-3", rls:"SLK9.1")) {
vuln = 1;
}
if(isslkpkgvuln(pkg:"kdebase", ver:"3.2.3-i486-2", rls:"SLK10.0")) {
vuln = 1;
}
if(isslkpkgvuln(pkg:"kdelibs", ver:"3.2.3-i486-2", rls:"SLK10.0")) {
vuln = 1;
}
if(vuln) {
security_message(0);
} else if (__pkg_match) {
exit(99); # Not vulnerable.
}
{"id": "OPENVAS:53913", "type": "openvas", "bulletinFamily": "scanner", "title": "Slackware Advisory SSA:2004-247-01 kde", "description": "The remote host is missing an update as announced\nvia advisory SSA:2004-247-01.", "published": "2012-09-11T00:00:00", "modified": "2017-07-07T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=53913", "reporter": "Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com", "references": [], "cvelist": ["CVE-2004-0721", "CVE-2004-0689", "CVE-2004-0746", "CVE-2004-0690"], "lastseen": "2017-07-24T12:50:34", "viewCount": 0, "enchantments": {"score": {"value": 7.6, "vector": "NONE", "modified": "2017-07-24T12:50:34", "rev": 2}, "dependencies": {"references": [{"type": "openvas", "idList": ["OPENVAS:52423", "OPENVAS:54990", "OPENVAS:136141256231065461", "OPENVAS:52414", "OPENVAS:53229", "OPENVAS:52398", "OPENVAS:65461", "OPENVAS:136141256231053913"]}, {"type": "slackware", "idList": ["SSA-2004-247-01"]}, {"type": "nessus", "idList": ["SLACKWARE_SSA_2004-247-01.NASL", "FREEBSD_PKG_603FE36DEC9D11D8B913000C41E2CDAD.NASL", "MANDRAKE_MDKSA-2004-086.NASL", "FREEBSD_PKG_2797B27AF55B11D881B0000347A4FA7D.NASL", "REDHAT-RHSA-2004-412.NASL", "DEBIAN_DSA-539.NASL", "FEDORA_2004-292.NASL", "FEDORA_2004-291.NASL", "FEDORA_2004-290.NASL", "FEDORA_2004-293.NASL"]}, {"type": "cve", "idList": ["CVE-2004-0690", "CVE-2004-0689", "CVE-2004-0721", "CVE-2004-0746"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:6832", "SECURITYVULNS:DOC:6666", "SECURITYVULNS:DOC:6606"]}, {"type": "redhat", "idList": ["RHSA-2004:412"]}, {"type": "freebsd", "idList": ["603FE36D-EC9D-11D8-B913-000C41E2CDAD", "2797B27A-F55B-11D8-81B0-000347A4FA7D", "641859E8-ECA1-11D8-B913-000C41E2CDAD"]}, {"type": "osvdb", "idList": ["OSVDB:8589", "OSVDB:10002", "OSVDB:8590", "OSVDB:7296", "OSVDB:9117"]}, {"type": "cert", "idList": ["VU:330638"]}, {"type": "debian", "idList": ["DEBIAN:DSA-539-1:C1ECB"]}, {"type": "suse", "idList": ["SUSE-SA:2004:035"]}], "modified": "2017-07-24T12:50:34", "rev": 2}, "vulnersScore": 7.6}, "pluginID": "53913", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2004_247_01.nasl 6598 2017-07-07 09:36:44Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New kdelibs and kdebase packages are available for Slackware 9.1, 10.0,\nand -current to fix security issues.\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2004-247-01.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2004-247-01\";\n \nif(description)\n{\n script_id(53913);\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:36:44 +0200 (Fri, 07 Jul 2017) $\");\n script_cve_id(\"CVE-2004-0689\", \"CVE-2004-0690\", \"CVE-2004-0721\", \"CVE-2004-0746\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 6598 $\");\n name = \"Slackware Advisory SSA:2004-247-01 kde \";\n script_name(name);\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"kdebase\", ver:\"3.1.4-i486-2\", rls:\"SLK9.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"kdelibs\", ver:\"3.1.4-i486-3\", rls:\"SLK9.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"kdebase\", ver:\"3.2.3-i486-2\", rls:\"SLK10.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"kdelibs\", ver:\"3.2.3-i486-2\", rls:\"SLK10.0\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "Slackware Local Security Checks"}
{"cve": [{"lastseen": "2020-10-03T11:33:39", "description": "The DCOPServer in KDE 3.2.3 and earlier allows local users to gain unauthorized access via a symlink attack on DCOP files in the /tmp directory.", "edition": 3, "cvss3": {}, "published": "2004-09-28T04:00:00", "title": "CVE-2004-0690", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2004-0690"], "modified": "2017-07-11T01:30:00", "cpe": ["cpe:/o:kde:kde:3.2.1"], "id": "CVE-2004-0690", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-0690", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:kde:kde:3.2.1:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T11:33:39", "description": "Konqueror 3.1.3, 3.2.2, and possibly other versions does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.", "edition": 3, "cvss3": {}, "published": "2004-07-27T04:00:00", "title": "CVE-2004-0721", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2004-0721"], "modified": "2017-10-11T01:29:00", "cpe": ["cpe:/a:kde:konqueror:3.1.3", "cpe:/a:kde:konqueror:3.2.2"], "id": "CVE-2004-0721", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-0721", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:kde:konqueror:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:kde:konqueror:3.2.2:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T11:33:39", "description": "Konqueror in KDE 3.2.3 and earlier allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk and .firm.in, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session.", "edition": 3, "cvss3": {}, "published": "2004-10-20T04:00:00", "title": "CVE-2004-0746", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2004-0746"], "modified": "2017-10-11T01:29:00", "cpe": ["cpe:/a:kde:konqueror:3.1.3", "cpe:/a:kde:konqueror:3.0.5b", "cpe:/a:kde:konqueror:3.0.2", "cpe:/o:kde:kde:3.2", "cpe:/o:mandrakesoft:mandrake_linux:10.0", "cpe:/o:suse:suse_linux:9.1", "cpe:/a:kde:konqueror:3.0", "cpe:/o:mandrakesoft:mandrake_linux:9.2", "cpe:/a:kde:konqueror:3.1.5", "cpe:/o:suse:suse_linux:8.1", "cpe:/a:kde:konqueror:3.2.3", "cpe:/o:gentoo:linux:1.4", "cpe:/o:suse:suse_linux:8.2", "cpe:/a:kde:konqueror:3.1.1", "cpe:/a:kde:konqueror:3.0.3", "cpe:/o:kde:kde:3.1.3", "cpe:/a:kde:konqueror:3.2.1", "cpe:/o:suse:suse_linux:8", "cpe:/a:kde:konqueror:3.0.5", "cpe:/a:kde:konqueror:3.1.2", "cpe:/a:kde:konqueror:3.0.1", "cpe:/a:kde:konqueror:3.1", "cpe:/o:suse:suse_linux:9.0"], "id": "CVE-2004-0746", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-0746", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:kde:konqueror:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*", "cpe:2.3:a:kde:konqueror:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:kde:konqueror:3.0.5b:*:*:*:*:*:*:*", "cpe:2.3:o:kde:kde:3.2:*:*:*:*:*:*:*", "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*", "cpe:2.3:a:kde:konqueror:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:kde:kde:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:kde:konqueror:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*", "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*", "cpe:2.3:a:kde:konqueror:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:kde:konqueror:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*", "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*", "cpe:2.3:a:kde:konqueror:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:kde:konqueror:3.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:kde:konqueror:3.1:*:*:*:*:*:*:*", "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*", "cpe:2.3:a:kde:konqueror:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*", "cpe:2.3:a:kde:konqueror:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:kde:konqueror:3.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*", "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*", "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:21:32", "description": "KDE before 3.3.0 does not properly handle when certain symbolic links point to \"stale\" locations, which could allow local users to create or truncate arbitrary files.", "edition": 5, "cvss3": {}, "published": "2004-09-28T04:00:00", "title": "CVE-2004-0689", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2004-0689"], "modified": "2017-10-11T01:29:00", "cpe": ["cpe:/o:kde:kde:3.3.0"], "id": "CVE-2004-0689", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-0689", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:kde:kde:3.3.0:*:*:*:*:*:*:*"]}], "slackware": [{"lastseen": "2020-10-25T16:36:00", "bulletinFamily": "unix", "cvelist": ["CVE-2004-0689", "CVE-2004-0690", "CVE-2004-0721", "CVE-2004-0746"], "description": "New kdelibs and kdebase packages are available for Slackware 9.1, 10.0,\nand -current to fix security issues.\n\nMore details about this issues may be found in the Common\nVulnerabilities and Exposures (CVE) database:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0689\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0690\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0721\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0746\n\n\nHere are the details from the Slackware 10.0 ChangeLog:\n\nFri Sep 3 13:13:09 PDT 2004\npatches/packages/kdebase-3.2.3-i486-2.tgz: Patched frame injection\n vulnerability in Konqueror. For more details, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0721\n (* Security fix *)\npatches/packages/kdelibs-3.2.3-i486-2.tgz: Patched unsafe temporary directory\n usage, cross-domain cookie injection vulnerability for certain country\n specific domains, and frame injection vulnerability in Konqueror.\n For more details, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0689\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0690\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0721\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0746\n (* Security fix *)\n\nWhere to find the new packages:\n\nUpdated packages for Slackware 9.1:\nftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/kdebase-3.1.4-i486-2.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/kdelibs-3.1.4-i486-3.tgz\n\nUpdated packages for Slackware 10.0:\nftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/kdebase-3.2.3-i486-2.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/kdelibs-3.2.3-i486-2.tgz\n\nUpdated packages for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/kde/kdebase-3.2.3-i486-2.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/kde/kdelibs-3.2.3-i486-2.tgz\n\n\nMD5 signatures:\n\nSlackware 9.1 packages:\n296fc0b2d31c5914b08ab54332312cf9 kdebase-3.1.4-i486-2.tgz\nc0de072389daeb6bd8a1cde2ed1dc8ef kdelibs-3.1.4-i486-3.tgz\n\nSlackware 10.0 packages:\n528edca97f8d6c412742fa8f817abd76 kdebase-3.2.3-i486-2.tgz\n8eabfa597ea805ceb457933d36e144be kdelibs-3.2.3-i486-2.tgz\n\nSlackware -current packages:\n528edca97f8d6c412742fa8f817abd76 kdebase-3.2.3-i486-2.tgz\n8eabfa597ea805ceb457933d36e144be kdelibs-3.2.3-i486-2.tgz\n\n\nInstallation instructions:\n\nUpgrade the packages as root:\n > upgradepkg kdebase-3.2.3-i486-2.tgz kdelibs-3.2.3-i486-2.tgz", "modified": "2004-09-04T05:01:35", "published": "2004-09-04T05:01:35", "id": "SSA-2004-247-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.440345", "type": "slackware", "title": "[slackware-security] kde", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2019-05-29T18:39:02", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-0721", "CVE-2004-0689", "CVE-2004-0746", "CVE-2004-0690"], "description": "The remote host is missing an update as announced\nvia advisory SSA:2004-247-01.", "modified": "2019-03-15T00:00:00", "published": "2012-09-11T00:00:00", "id": "OPENVAS:136141256231053913", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231053913", "type": "openvas", "title": "Slackware Advisory SSA:2004-247-01 kde", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2004_247_01.nasl 14202 2019-03-15 09:16:15Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.53913\");\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 10:16:15 +0100 (Fri, 15 Mar 2019) $\");\n script_cve_id(\"CVE-2004-0689\", \"CVE-2004-0690\", \"CVE-2004-0721\", \"CVE-2004-0746\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 14202 $\");\n script_name(\"Slackware Advisory SSA:2004-247-01 kde\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\", re:\"ssh/login/release=SLK(9\\.1|10\\.0)\");\n\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2004-247-01\");\n\n script_tag(name:\"insight\", value:\"New kdelibs and kdebase packages are available for Slackware 9.1, 10.0,\nand -current to fix security issues.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the new package(s).\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update as announced\nvia advisory SSA:2004-247-01.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-slack.inc\");\n\nreport = \"\";\nres = \"\";\n\nif((res = isslkpkgvuln(pkg:\"kdebase\", ver:\"3.1.4-i486-2\", rls:\"SLK9.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"kdelibs\", ver:\"3.1.4-i486-3\", rls:\"SLK9.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"kdebase\", ver:\"3.2.3-i486-2\", rls:\"SLK10.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"kdelibs\", ver:\"3.2.3-i486-2\", rls:\"SLK10.0\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-04-06T11:38:23", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-0721", "CVE-2004-0689", "CVE-2004-0690"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n kdelibs3-devel\n kdelibs3\n kdebase3\n kdebase3-devel\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5010460 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2018-04-06T00:00:00", "published": "2009-10-10T00:00:00", "id": "OPENVAS:136141256231065461", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065461", "type": "openvas", "title": "SLES9: Security update for KDE", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5010460.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for KDE\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n kdelibs3-devel\n kdelibs3\n kdebase3\n kdebase3-devel\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5010460 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65461\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2004-0689\", \"CVE-2004-0690\", \"CVE-2004-0721\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"SLES9: Security update for KDE\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kdelibs3-devel\", rpm:\"kdelibs3-devel~3.2.1~44.28\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-26T08:55:36", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-0721", "CVE-2004-0689", "CVE-2004-0690"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n kdelibs3-devel\n kdelibs3\n kdebase3\n kdebase3-devel\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5010460 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2017-07-11T00:00:00", "published": "2009-10-10T00:00:00", "id": "OPENVAS:65461", "href": "http://plugins.openvas.org/nasl.php?oid=65461", "type": "openvas", "title": "SLES9: Security update for KDE", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5010460.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for KDE\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n kdelibs3-devel\n kdelibs3\n kdebase3\n kdebase3-devel\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5010460 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65461);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2004-0689\", \"CVE-2004-0690\", \"CVE-2004-0721\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"SLES9: Security update for KDE\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kdelibs3-devel\", rpm:\"kdelibs3-devel~3.2.1~44.28\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:10:21", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-0689", "CVE-2004-0690"], "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2016-09-21T00:00:00", "published": "2008-09-04T00:00:00", "id": "OPENVAS:52423", "href": "http://plugins.openvas.org/nasl.php?oid=52423", "type": "openvas", "title": "FreeBSD Ports: kdelibs", "sourceData": "#\n#VID 603fe36d-ec9d-11d8-b913-000c41e2cdad\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: kdelibs\n\nCVE-2004-0689\nKDE before 3.3.0 does not properly handle when certain symbolic links\npoint to 'stale' locations, which could allow local users to create or\ntruncate arbitrary files.\n\nCVE-2004-0690\nThe DCOPServer in KDE 3.2.3 and earlier allows local users to gain\nunauthorized access via a symlink attack on DCOP files in the /tmp\ndirectory.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.kde.org/info/security/advisory-20040811-1.txt\nhttp://www.kde.org/info/security/advisory-20040811-2.txt\nftp://ftp.kde.org/pub/kde/security_patches/post-3.2.3-kdelibs-kstandarddirs.patch\nftp://ftp.kde.org/pub/kde/security_patches/post-3.2.3-kdelibs-dcopserver.patch\nhttp://www.vuxml.org/freebsd/603fe36d-ec9d-11d8-b913-000c41e2cdad.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\nif(description)\n{\n script_id(52423);\n script_version(\"$Revision: 4125 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-09-21 07:39:51 +0200 (Wed, 21 Sep 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_cve_id(\"CVE-2004-0689\", \"CVE-2004-0690\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"FreeBSD Ports: kdelibs\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"kdelibs\");\nif(!isnull(bver) && revcomp(a:bver, b:\"3.2.3_3\")<=0) {\n txt += 'Package kdelibs version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:10:23", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-0746"], "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2016-09-21T00:00:00", "published": "2008-09-04T00:00:00", "id": "OPENVAS:52414", "href": "http://plugins.openvas.org/nasl.php?oid=52414", "type": "openvas", "title": "FreeBSD Ports: kdelibs", "sourceData": "#\n#VID 2797b27a-f55b-11d8-81b0-000347a4fa7d\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: kdelibs\n\nCVE-2004-0746\nKonqueror in KDE 3.2.3 and earlier allows web sites to set cookies for\ncountry-specific top-level domains, such as .ltd.uk, .plc.uk and\n.firm.in, which could allow remote attackers to perform a session\nfixation attack and hijack a user's HTTP session.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\nif(description)\n{\n script_id(52414);\n script_version(\"$Revision: 4125 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-09-21 07:39:51 +0200 (Wed, 21 Sep 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_cve_id(\"CVE-2004-0746\");\n script_bugtraq_id(10991);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"FreeBSD Ports: kdelibs\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://www.kde.org/info/security/advisory-20040823-1.txt\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/12341\");\n script_xref(name : \"URL\" , value : \"http://www.acros.si/papers/session_fixation.pdf\");\n script_xref(name : \"URL\" , value : \"http://www.vuxml.org/freebsd/2797b27a-f55b-11d8-81b0-000347a4fa7d.html\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"kdelibs\");\nif(!isnull(bver) && revcomp(a:bver, b:\"3.2.3_3\")<0) {\n txt += 'Package kdelibs version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:01", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-0689"], "description": "The remote host is missing an update to kdelibs\nannounced via advisory DSA 539-1.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "id": "OPENVAS:53229", "href": "http://plugins.openvas.org/nasl.php?oid=53229", "type": "openvas", "title": "Debian Security Advisory DSA 539-1 (kdelibs)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_539_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 539-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The SUSE security team was alerted that in some cases the integrity of\nsymlinks used by KDE are not ensured and that these symlinks can be\npointing to stale locations. This can be abused by a local attacker\nto create or truncate arbitrary files or to prevent KDE applications\nfrom functioning correctly.\n\nFor the stable distribution (woody) this problem has been fixed in\nversion 2.2.2-13.woody.12.\n\nFor the unstable distribution (sid) this problem has been fixed in\nversion 3.3.0-1.\n\nWe recommend that you upgrade your kde packages.\";\ntag_summary = \"The remote host is missing an update to kdelibs\nannounced via advisory DSA 539-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20539-1\";\n\nif(description)\n{\n script_id(53229);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 22:45:44 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2004-0689\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Debian Security Advisory DSA 539-1 (kdelibs)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"kdelibs3-doc\", ver:\"2.2.2-13.woody.12\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kdelibs-dev\", ver:\"2.2.2-13.woody.12\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kdelibs3\", ver:\"2.2.2-13.woody.12\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kdelibs3-bin\", ver:\"2.2.2-13.woody.12\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kdelibs3-cups\", ver:\"2.2.2-13.woody.12\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libarts\", ver:\"2.2.2-13.woody.12\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libarts-alsa\", ver:\"2.2.2-13.woody.12\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libarts-dev\", ver:\"2.2.2-13.woody.12\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkmid\", ver:\"2.2.2-13.woody.12\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkmid-alsa\", ver:\"2.2.2-13.woody.12\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkmid-dev\", ver:\"2.2.2-13.woody.12\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:10:08", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-0717", "CVE-2004-0718", "CVE-2004-0721"], "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2016-09-21T00:00:00", "published": "2008-09-04T00:00:00", "id": "OPENVAS:52398", "href": "http://plugins.openvas.org/nasl.php?oid=52398", "type": "openvas", "title": "FreeBSD Ports: kdelibs", "sourceData": "#\n#VID 641859e8-eca1-11d8-b913-000c41e2cdad\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n kdelibs\n kdebase\n linux-opera\n opera\n firefox\n linux-mozilla\n linux-mozilla-devel\n mozilla-gtk1\n mozilla\n netscape7\n\nCVE-2004-0717\nOpera 7.51 for Windows and 7.50 for Linux does not properly prevent a\nframe in one domain from injecting content into a frame that belongs\nto another domain, which facilitates web site spoofing and other\nattacks, aka the frame injection vulnerability.\n\nCVE-2004-0718\nThe (1) Mozilla 1.6, (2) Firebird 0.7, (3) Firefox 0.8, and (4)\nNetscape 7.1 web browsers do not properly prevent a frame in one\ndomain from injecting content into a frame that belongs to another\ndomain, which facilitates web site spoofing and other attacks, aka the\nframe injection vulnerability.\n\nCVE-2004-0721\nKonqueror 3.1.3, 3.2.2, and possibly other versions does not properly\nprevent a frame in one domain from injecting content into a frame that\nbelongs to another domain, which facilitates web site spoofing and\nother attacks, aka the frame injection vulnerability.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://secunia.com/advisories/11978/\nhttp://bugzilla.mozilla.org/show_bug.cgi?id=246448\nftp://ftp.kde.org/pub/kde/security_patches/post-3.2.3-kdelibs-htmlframes.patch\nftp://ftp.kde.org/pub/kde/security_patches/post-3.2.3-kdebase-htmlframes.patch\nhttp://www.vuxml.org/freebsd/641859e8-eca1-11d8-b913-000c41e2cdad.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\nif(description)\n{\n script_id(52398);\n script_version(\"$Revision: 4125 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-09-21 07:39:51 +0200 (Wed, 21 Sep 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_cve_id(\"CVE-2004-0717\", \"CVE-2004-0718\", \"CVE-2004-0721\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"FreeBSD Ports: kdelibs\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"kdelibs\");\nif(!isnull(bver) && revcomp(a:bver, b:\"3.2.3_3\")<0) {\n txt += 'Package kdelibs version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"kdebase\");\nif(!isnull(bver) && revcomp(a:bver, b:\"3.2.3_1\")<0) {\n txt += 'Package kdebase version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"linux-opera\");\nif(!isnull(bver) && revcomp(a:bver, b:\"7.50\")>=0 && revcomp(a:bver, b:\"7.52\")<0) {\n txt += 'Package linux-opera version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"opera\");\nif(!isnull(bver) && revcomp(a:bver, b:\"7.50\")>=0 && revcomp(a:bver, b:\"7.52\")<0) {\n txt += 'Package opera version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"firefox\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.9\")<0) {\n txt += 'Package firefox version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"linux-mozilla\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.7\")<0) {\n txt += 'Package linux-mozilla version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"linux-mozilla-devel\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.7\")<0) {\n txt += 'Package linux-mozilla-devel version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"mozilla-gtk1\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.7\")<0) {\n txt += 'Package mozilla-gtk1 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"mozilla\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.7,2\")<0) {\n txt += 'Package mozilla version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"netscape7\");\nif(!isnull(bver) && revcomp(a:bver, b:\"7.2\")<0) {\n txt += 'Package netscape7 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-0717", "CVE-2004-0718", "CVE-2004-0721", "CVE-2004-0719", "CVE-2004-0720"], "description": "The remote host is missing updates announced in\nadvisory GLSA 200507-14.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "id": "OPENVAS:54990", "href": "http://plugins.openvas.org/nasl.php?oid=54990", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200507-14 (mozilla)", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities in Mozilla Firefox allow attacks ranging from\nexecution of script code with elevated privileges to information leak.\";\ntag_solution = \"All Mozilla Firefox users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose\n'>=www-client/mozilla-firefox-1.0.5'\n\nAll Mozilla Firefox binary users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose\n'>=www-client/mozilla-firefox-bin-1.0.5'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200507-14\nhttp://bugs.gentoo.org/show_bug.cgi?id=95199\nhttp://www.mozilla.org/projects/security/known-vulnerabilities.html#Firefox\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200507-14.\";\n\n \n\nif(description)\n{\n script_id(54990);\n script_version(\"$Revision: 6596 $\");\n script_cve_id(\"CVE-2004-0717\", \"CVE-2004-0718\", \"CVE-2004-0719\", \"CVE-2004-0720\",\n \"CVE-2004-0721\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200507-14 (mozilla)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"www-client/mozilla-firefox\", unaffected: make_list(\"ge 1.0.5\"), vulnerable: make_list(\"lt 1.0.5\"))) != NULL) {\n report += res;\n}\nif ((res = ispkgvuln(pkg:\"www-client/mozilla-firefox-bin\", unaffected: make_list(\"ge 1.0.5\"), vulnerable: make_list(\"lt 1.0.5\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2021-01-07T11:51:22", "description": "A number of vulnerabilities were discovered in KDE that are corrected\nwith these update packages.\n\nThe integrity of symlinks used by KDE are not ensured and as a result\ncan be abused by local attackers to create or truncate arbitrary files\nor to prevent KDE applications from functioning correctly\n(CVE-2004-0689).\n\nThe DCOPServer creates temporary files in an insecure manner. These\ntemporary files are used for authentication-related purposes, so this\ncould potentially allow a local attacker to compromise the account of\nany user running a KDE application (CVE-2004-0690). Note that only KDE\n3.2.x is affected by this vulnerability.\n\nThe Konqueror web browser allows websites to load web pages into a\nframe of any other frame-based web page that the user may have open.\nThis could potentially allow a malicious website to make Konqueror\ninsert its own frames into the page of an otherwise trusted website\n(CVE-2004-0721).\n\nThe Konqueror web browser also allows websites to set cookies for\ncertain country-specific top-level domains. This can be done to make\nKonqueror send the cookies to all other web sites operating under the\nsame domain, which can be abused to become part of a session fixation\nattack. All country-specific secondary top-level domains that use more\nthan 2 characters in the secondary part of the domain name, and that\nuse a secondary part other than com, net, mil, org, gove, edu, or int\nare affected (CVE-2004-0746).", "edition": 24, "published": "2004-08-22T00:00:00", "title": "Mandrake Linux Security Advisory : kdelibs/kdebase (MDKSA-2004:086)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-0721", "CVE-2004-0689", "CVE-2004-0746", "CVE-2004-0690"], "modified": "2004-08-22T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:libkdebase4-kmenuedit", "p-cpe:/a:mandriva:linux:lib64kdecore4-devel", "p-cpe:/a:mandriva:linux:libkdebase4", "p-cpe:/a:mandriva:linux:kdebase-kmenuedit", "p-cpe:/a:mandriva:linux:lib64kdebase4-kmenuedit", "p-cpe:/a:mandriva:linux:kdebase-kdm-config-file", "p-cpe:/a:mandriva:linux:kdelibs-common", "p-cpe:/a:mandriva:linux:libkdebase4-konsole", "p-cpe:/a:mandriva:linux:lib64kdebase4", "p-cpe:/a:mandriva:linux:libkdebase4-nsplugins-devel", "cpe:/o:mandrakesoft:mandrake_linux:10.0", "p-cpe:/a:mandriva:linux:lib64kdebase4-nsplugins-devel", "p-cpe:/a:mandriva:linux:lib64kdebase4-nsplugins", "p-cpe:/a:mandriva:linux:libkdebase4-kate-devel", "p-cpe:/a:mandriva:linux:lib64kdebase4-konsole", "cpe:/o:mandrakesoft:mandrake_linux:9.2", "p-cpe:/a:mandriva:linux:lib64kdebase4-devel", "p-cpe:/a:mandriva:linux:kdebase-kdm", "p-cpe:/a:mandriva:linux:kdebase", "p-cpe:/a:mandriva:linux:kdebase-konsole", "p-cpe:/a:mandriva:linux:kdebase-kcontrol-data", "p-cpe:/a:mandriva:linux:lib64kdebase4-kate-devel", "p-cpe:/a:mandriva:linux:kdebase-nsplugins", "p-cpe:/a:mandriva:linux:libkdebase4-nsplugins", "p-cpe:/a:mandriva:linux:kdebase-progs", "p-cpe:/a:mandriva:linux:kdebase-common", "p-cpe:/a:mandriva:linux:libkdecore4-devel", "p-cpe:/a:mandriva:linux:kdebase-kate", "p-cpe:/a:mandriva:linux:libkdebase4-kate", "p-cpe:/a:mandriva:linux:lib64kdecore4", "p-cpe:/a:mandriva:linux:lib64kdebase4-kate", "p-cpe:/a:mandriva:linux:libkdebase4-devel", "p-cpe:/a:mandriva:linux:libkdecore4", "p-cpe:/a:mandriva:linux:kdebase-kdeprintfax"], "id": "MANDRAKE_MDKSA-2004-086.NASL", "href": "https://www.tenable.com/plugins/nessus/14335", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2004:086. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(14335);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2004-0689\", \"CVE-2004-0690\", \"CVE-2004-0721\", \"CVE-2004-0746\");\n script_xref(name:\"MDKSA\", value:\"2004:086\");\n\n script_name(english:\"Mandrake Linux Security Advisory : kdelibs/kdebase (MDKSA-2004:086)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A number of vulnerabilities were discovered in KDE that are corrected\nwith these update packages.\n\nThe integrity of symlinks used by KDE are not ensured and as a result\ncan be abused by local attackers to create or truncate arbitrary files\nor to prevent KDE applications from functioning correctly\n(CVE-2004-0689).\n\nThe DCOPServer creates temporary files in an insecure manner. These\ntemporary files are used for authentication-related purposes, so this\ncould potentially allow a local attacker to compromise the account of\nany user running a KDE application (CVE-2004-0690). Note that only KDE\n3.2.x is affected by this vulnerability.\n\nThe Konqueror web browser allows websites to load web pages into a\nframe of any other frame-based web page that the user may have open.\nThis could potentially allow a malicious website to make Konqueror\ninsert its own frames into the page of an otherwise trusted website\n(CVE-2004-0721).\n\nThe Konqueror web browser also allows websites to set cookies for\ncertain country-specific top-level domains. This can be done to make\nKonqueror send the cookies to all other web sites operating under the\nsame domain, which can be abused to become part of a session fixation\nattack. All country-specific secondary top-level domains that use more\nthan 2 characters in the secondary part of the domain name, and that\nuse a secondary part other than com, net, mil, org, gove, edu, or int\nare affected (CVE-2004-0746).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.kde.org/info/security/advisory-20040811-1.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.kde.org/info/security/advisory-20040811-2.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.kde.org/info/security/advisory-20040811-3.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.kde.org/info/security/advisory-20040820-1.txt\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdebase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdebase-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdebase-kate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdebase-kcontrol-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdebase-kdeprintfax\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdebase-kdm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdebase-kdm-config-file\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdebase-kmenuedit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdebase-konsole\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdebase-nsplugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdebase-progs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdelibs-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdebase4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdebase4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdebase4-kate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdebase4-kate-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdebase4-kmenuedit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdebase4-konsole\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdebase4-nsplugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdebase4-nsplugins-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdecore4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdecore4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdebase4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdebase4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdebase4-kate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdebase4-kate-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdebase4-kmenuedit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdebase4-konsole\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdebase4-nsplugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdebase4-nsplugins-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdecore4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdecore4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:9.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/08/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/08/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK10.0\", reference:\"kdebase-3.2-79.2.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"kdebase-common-3.2-79.2.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"kdebase-kate-3.2-79.2.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"kdebase-kcontrol-data-3.2-79.2.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"kdebase-kdeprintfax-3.2-79.2.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"kdebase-kdm-3.2-79.2.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"kdebase-kdm-config-file-3.2-79.2.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"kdebase-kmenuedit-3.2-79.2.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"kdebase-konsole-3.2-79.2.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"kdebase-nsplugins-3.2-79.2.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"kdebase-progs-3.2-79.2.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"kdelibs-common-3.2-36.3.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64kdebase4-3.2-79.2.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64kdebase4-devel-3.2-79.2.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64kdebase4-kate-3.2-79.2.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64kdebase4-kate-devel-3.2-79.2.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64kdebase4-kmenuedit-3.2-79.2.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64kdebase4-konsole-3.2-79.2.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64kdebase4-nsplugins-3.2-79.2.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64kdebase4-nsplugins-devel-3.2-79.2.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64kdecore4-3.2-36.3.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64kdecore4-devel-3.2-36.3.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libkdebase4-3.2-79.2.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libkdebase4-devel-3.2-79.2.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libkdebase4-kate-3.2-79.2.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libkdebase4-kate-devel-3.2-79.2.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libkdebase4-kmenuedit-3.2-79.2.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libkdebase4-konsole-3.2-79.2.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libkdebase4-nsplugins-3.2-79.2.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libkdebase4-nsplugins-devel-3.2-79.2.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libkdecore4-3.2-36.3.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libkdecore4-devel-3.2-36.3.100mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK9.2\", reference:\"kdebase-3.1.3-79.2.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", reference:\"kdebase-common-3.1.3-79.2.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", reference:\"kdebase-kate-3.1.3-79.2.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", reference:\"kdebase-kdeprintfax-3.1.3-79.2.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", reference:\"kdebase-kdm-3.1.3-79.2.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", reference:\"kdebase-kdm-config-file-3.1.3-79.2.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", reference:\"kdebase-konsole-3.1.3-79.2.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", reference:\"kdebase-nsplugins-3.1.3-79.2.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", reference:\"kdebase-progs-3.1.3-79.2.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", reference:\"kdelibs-common-3.1.3-35.3.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"amd64\", reference:\"lib64kdebase4-3.1.3-79.2.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"amd64\", reference:\"lib64kdebase4-devel-3.1.3-79.2.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"amd64\", reference:\"lib64kdebase4-kate-3.1.3-79.2.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"amd64\", reference:\"lib64kdebase4-kate-devel-3.1.3-79.2.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"amd64\", reference:\"lib64kdebase4-konsole-3.1.3-79.2.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"amd64\", reference:\"lib64kdebase4-nsplugins-3.1.3-79.2.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"amd64\", reference:\"lib64kdebase4-nsplugins-devel-3.1.3-79.2.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"amd64\", reference:\"lib64kdecore4-3.1.3-35.3.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"amd64\", reference:\"lib64kdecore4-devel-3.1.3-35.3.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"i386\", reference:\"libkdebase4-3.1.3-79.2.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"i386\", reference:\"libkdebase4-devel-3.1.3-79.2.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"i386\", reference:\"libkdebase4-kate-3.1.3-79.2.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"i386\", reference:\"libkdebase4-kate-devel-3.1.3-79.2.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"i386\", reference:\"libkdebase4-konsole-3.1.3-79.2.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"i386\", reference:\"libkdebase4-nsplugins-3.1.3-79.2.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"i386\", reference:\"libkdebase4-nsplugins-devel-3.1.3-79.2.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"i386\", reference:\"libkdecore4-3.1.3-35.3.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"i386\", reference:\"libkdecore4-devel-3.1.3-35.3.92mdk\", yank:\"mdk\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T09:10:16", "description": "New kdelibs and kdebase packages are available for Slackware 9.1,\n10.0, and -current to fix security issues.", "edition": 24, "published": "2005-07-13T00:00:00", "title": "Slackware 10.0 / 9.1 / current : kde (SSA:2004-247-01)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-0721", "CVE-2004-0689", "CVE-2004-0746", "CVE-2004-0690"], "modified": "2005-07-13T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:kdebase", "p-cpe:/a:slackware:slackware_linux:kdelibs", "cpe:/o:slackware:slackware_linux:9.1", "cpe:/o:slackware:slackware_linux:10.0", "cpe:/o:slackware:slackware_linux"], "id": "SLACKWARE_SSA_2004-247-01.NASL", "href": "https://www.tenable.com/plugins/nessus/18782", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2004-247-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(18782);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2004-0689\", \"CVE-2004-0690\", \"CVE-2004-0721\", \"CVE-2004-0746\");\n script_xref(name:\"SSA\", value:\"2004-247-01\");\n\n script_name(english:\"Slackware 10.0 / 9.1 / current : kde (SSA:2004-247-01)\");\n script_summary(english:\"Checks for updated packages in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New kdelibs and kdebase packages are available for Slackware 9.1,\n10.0, and -current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.440345\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?910af434\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kdebase and / or kdelibs packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kdebase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kdelibs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/09/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/07/13\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2004/08/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"9.1\", pkgname:\"kdebase\", pkgver:\"3.1.4\", pkgarch:\"i486\", pkgnum:\"2\")) flag++;\nif (slackware_check(osver:\"9.1\", pkgname:\"kdelibs\", pkgver:\"3.1.4\", pkgarch:\"i486\", pkgnum:\"3\")) flag++;\n\nif (slackware_check(osver:\"10.0\", pkgname:\"kdebase\", pkgver:\"3.2.3\", pkgarch:\"i486\", pkgnum:\"2\")) flag++;\nif (slackware_check(osver:\"10.0\", pkgname:\"kdelibs\", pkgver:\"3.2.3\", pkgarch:\"i486\", pkgnum:\"2\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"kdebase\", pkgver:\"3.2.3\", pkgarch:\"i486\", pkgnum:\"2\")) flag++;\nif (slackware_check(osver:\"current\", pkgname:\"kdelibs\", pkgver:\"3.2.3\", pkgarch:\"i486\", pkgnum:\"2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:05:43", "description": "Andrew Tuitt reported that versions of KDE up to and including 3.2.3\ncreate temporary directories with predictable names. A local attacker\ncould prevent KDE applications from functioning correctly, or\noverwrite files owned by other users by creating malicious symlinks.\nThe Common Vulnerabilities and Exposures project has assigned the name\nCVE-2004-0689 to this issue.\n\nWESTPOINT internet reconnaissance services has discovered that the KDE\nweb browser Konqueror allows websites to set cookies for certain\ncountry specific secondary top level domains. An attacker within one\nof the affected domains could construct a cookie which would be sent\nto all other websites within the domain leading to a session fixation\nattack. This issue does not affect popular domains such as .co.uk,\n.co.in, or .com. The Common Vulnerabilities and Exposures project has\nassigned the name CVE-2004-0721 to this issue.\n\nA frame injection spoofing vulnerability has been discovered in the\nKonqueror web browser. This issue could allow a malicious website to\nshow arbitrary content in a named frame of a different browser window.\nThe Common Vulnerabilities and Exposures project has assigned the name\nCVE-2004-0746 to this issue.\n\nAll users of KDE are advised to upgrade to these erratum packages,\nwhich contain backported patches from the KDE team for these issues.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2004-09-09T00:00:00", "title": "Fedora Core 1 : kdelibs-3.1.4-7 (2004-290)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-0721", "CVE-2004-0689", "CVE-2004-0746"], "modified": "2004-09-09T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kdelibs-debuginfo", "p-cpe:/a:fedoraproject:fedora:kdelibs", "p-cpe:/a:fedoraproject:fedora:kdelibs-devel", "cpe:/o:fedoraproject:fedora_core:1"], "id": "FEDORA_2004-290.NASL", "href": "https://www.tenable.com/plugins/nessus/14688", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2004-290.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(14688);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2004-0689\");\n script_xref(name:\"FEDORA\", value:\"2004-290\");\n\n script_name(english:\"Fedora Core 1 : kdelibs-3.1.4-7 (2004-290)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora Core host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Andrew Tuitt reported that versions of KDE up to and including 3.2.3\ncreate temporary directories with predictable names. A local attacker\ncould prevent KDE applications from functioning correctly, or\noverwrite files owned by other users by creating malicious symlinks.\nThe Common Vulnerabilities and Exposures project has assigned the name\nCVE-2004-0689 to this issue.\n\nWESTPOINT internet reconnaissance services has discovered that the KDE\nweb browser Konqueror allows websites to set cookies for certain\ncountry specific secondary top level domains. An attacker within one\nof the affected domains could construct a cookie which would be sent\nto all other websites within the domain leading to a session fixation\nattack. This issue does not affect popular domains such as .co.uk,\n.co.in, or .com. The Common Vulnerabilities and Exposures project has\nassigned the name CVE-2004-0721 to this issue.\n\nA frame injection spoofing vulnerability has been discovered in the\nKonqueror web browser. This issue could allow a malicious website to\nshow arbitrary content in a named frame of a different browser window.\nThe Common Vulnerabilities and Exposures project has assigned the name\nCVE-2004-0746 to this issue.\n\nAll users of KDE are advised to upgrade to these erratum packages,\nwhich contain backported patches from the KDE team for these issues.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/announce/2004-September/000282.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e33a980c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected kdelibs, kdelibs-debuginfo and / or kdelibs-devel\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kdelibs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kdelibs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kdelibs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora_core:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/09/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^1([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 1.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC1\", reference:\"kdelibs-3.1.4-7\")) flag++;\nif (rpm_check(release:\"FC1\", reference:\"kdelibs-debuginfo-3.1.4-7\")) flag++;\nif (rpm_check(release:\"FC1\", reference:\"kdelibs-devel-3.1.4-7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kdelibs / kdelibs-debuginfo / kdelibs-devel\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:05:43", "description": "Andrew Tuitt reported that versions of KDE up to and including 3.2.3\ncreate temporary directories with predictable names. A local attacker\ncould prevent KDE applications from functioning correctly, or\noverwrite files owned by other users by creating malicious symlinks.\nThe Common Vulnerabilities and Exposures project has assigned the name\nCVE-2004-0689 to this issue.\n\nWESTPOINT internet reconnaissance services has discovered that the KDE\nweb browser Konqueror allows websites to set cookies for certain\ncountry specific secondary top level domains. An attacker within one\nof the affected domains could construct a cookie which would be sent\nto all other websites within the domain leading to a session fixation\nattack. This issue does not affect popular domains such as .co.uk,\n.co.in, or .com. The Common Vulnerabilities and Exposures project has\nassigned the name CVE-2004-0721 to this issue.\n\nA frame injection spoofing vulnerability has been discovered in the\nKonqueror web browser. This issue could allow a malicious website to\nshow arbitrary content in a named frame of a different browser window.\nThe Common Vulnerabilities and Exposures project has assigned the name\nCVE-2004-0746 to this issue.\n\nAll users of KDE are advised to upgrade to these packages, which\ncontain backported patches from the KDE team for these issues.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2004-09-09T00:00:00", "title": "Fedora Core 1 : kdebase-3.1.4-7 (2004-292)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-0721", "CVE-2004-0689", "CVE-2004-0746"], "modified": "2004-09-09T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kdebase-devel", "p-cpe:/a:fedoraproject:fedora:kdebase-debuginfo", "p-cpe:/a:fedoraproject:fedora:kdebase", "cpe:/o:fedoraproject:fedora_core:1"], "id": "FEDORA_2004-292.NASL", "href": "https://www.tenable.com/plugins/nessus/14690", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2004-292.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(14690);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2004-0689\");\n script_xref(name:\"FEDORA\", value:\"2004-292\");\n\n script_name(english:\"Fedora Core 1 : kdebase-3.1.4-7 (2004-292)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora Core host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Andrew Tuitt reported that versions of KDE up to and including 3.2.3\ncreate temporary directories with predictable names. A local attacker\ncould prevent KDE applications from functioning correctly, or\noverwrite files owned by other users by creating malicious symlinks.\nThe Common Vulnerabilities and Exposures project has assigned the name\nCVE-2004-0689 to this issue.\n\nWESTPOINT internet reconnaissance services has discovered that the KDE\nweb browser Konqueror allows websites to set cookies for certain\ncountry specific secondary top level domains. An attacker within one\nof the affected domains could construct a cookie which would be sent\nto all other websites within the domain leading to a session fixation\nattack. This issue does not affect popular domains such as .co.uk,\n.co.in, or .com. The Common Vulnerabilities and Exposures project has\nassigned the name CVE-2004-0721 to this issue.\n\nA frame injection spoofing vulnerability has been discovered in the\nKonqueror web browser. This issue could allow a malicious website to\nshow arbitrary content in a named frame of a different browser window.\nThe Common Vulnerabilities and Exposures project has assigned the name\nCVE-2004-0746 to this issue.\n\nAll users of KDE are advised to upgrade to these packages, which\ncontain backported patches from the KDE team for these issues.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/announce/2004-September/000284.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?62b46c3d\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected kdebase, kdebase-debuginfo and / or kdebase-devel\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kdebase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kdebase-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kdebase-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora_core:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/09/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^1([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 1.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC1\", reference:\"kdebase-3.1.4-7\")) flag++;\nif (rpm_check(release:\"FC1\", reference:\"kdebase-debuginfo-3.1.4-7\")) flag++;\nif (rpm_check(release:\"FC1\", reference:\"kdebase-devel-3.1.4-7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kdebase / kdebase-debuginfo / kdebase-devel\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:05:43", "description": "Andrew Tuitt reported that versions of KDE up to and including 3.2.3\ncreate temporary directories with predictable names. A local attacker\ncould prevent KDE applications from functioning correctly, or\noverwrite files owned by other users by creating malicious symlinks.\nThe Common Vulnerabilities and Exposures project has assigned the name\nCVE-2004-0689 to this issue.\n\nWESTPOINT internet reconnaissance services has discovered that the KDE\nweb browser Konqueror allows websites to set cookies for certain\ncountry specific secondary top level domains. An attacker within one\nof the affected domains could construct a cookie which would be sent\nto all other websites within the domain leading to a session fixation\nattack. This issue does not affect popular domains such as .co.uk,\n.co.in, or .com. The Common Vulnerabilities and Exposures project has\nassigned the name CVE-2004-0721 to this issue.\n\nA frame injection spoofing vulnerability has been discovered in the\nKonqueror web browser. This issue could allow a malicious website to\nshow arbitrary content in a named frame of a different browser window.\nThe Common Vulnerabilities and Exposures project has assigned the name\nCVE-2004-0746 to this issue.\n\nAll users of KDE are advised to upgrade to these packages, which\ncontain backported patches from the KDE team for these issues.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2004-09-09T00:00:00", "title": "Fedora Core 2 : kdelibs-3.2.2-8.FC2 (2004-291)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-0721", "CVE-2004-0689", "CVE-2004-0746"], "modified": "2004-09-09T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora_core:2", "p-cpe:/a:fedoraproject:fedora:kdelibs-debuginfo", "p-cpe:/a:fedoraproject:fedora:kdelibs", "p-cpe:/a:fedoraproject:fedora:kdelibs-devel"], "id": "FEDORA_2004-291.NASL", "href": "https://www.tenable.com/plugins/nessus/14689", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2004-291.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(14689);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2004-0689\");\n script_xref(name:\"FEDORA\", value:\"2004-291\");\n\n script_name(english:\"Fedora Core 2 : kdelibs-3.2.2-8.FC2 (2004-291)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora Core host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Andrew Tuitt reported that versions of KDE up to and including 3.2.3\ncreate temporary directories with predictable names. A local attacker\ncould prevent KDE applications from functioning correctly, or\noverwrite files owned by other users by creating malicious symlinks.\nThe Common Vulnerabilities and Exposures project has assigned the name\nCVE-2004-0689 to this issue.\n\nWESTPOINT internet reconnaissance services has discovered that the KDE\nweb browser Konqueror allows websites to set cookies for certain\ncountry specific secondary top level domains. An attacker within one\nof the affected domains could construct a cookie which would be sent\nto all other websites within the domain leading to a session fixation\nattack. This issue does not affect popular domains such as .co.uk,\n.co.in, or .com. The Common Vulnerabilities and Exposures project has\nassigned the name CVE-2004-0721 to this issue.\n\nA frame injection spoofing vulnerability has been discovered in the\nKonqueror web browser. This issue could allow a malicious website to\nshow arbitrary content in a named frame of a different browser window.\nThe Common Vulnerabilities and Exposures project has assigned the name\nCVE-2004-0746 to this issue.\n\nAll users of KDE are advised to upgrade to these packages, which\ncontain backported patches from the KDE team for these issues.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/announce/2004-September/000283.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?74487c49\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected kdelibs, kdelibs-debuginfo and / or kdelibs-devel\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kdelibs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kdelibs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kdelibs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora_core:2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/09/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^2([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 2.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC2\", reference:\"kdelibs-3.2.2-8.FC2\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"kdelibs-debuginfo-3.2.2-8.FC2\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"kdelibs-devel-3.2.2-8.FC2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kdelibs / kdelibs-debuginfo / kdelibs-devel\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:05:43", "description": "Andrew Tuitt reported that versions of KDE up to and including 3.2.3\ncreate temporary directories with predictable names. A local attacker\ncould prevent KDE applications from functioning correctly, or\noverwrite files owned by other users by creating malicious symlinks.\nThe Common Vulnerabilities and Exposures project has assigned the name\nCVE-2004-0689 to this issue.\n\nWESTPOINT internet reconnaissance services has discovered that the KDE\nweb browser Konqueror allows websites to set cookies for certain\ncountry specific secondary top level domains. An attacker within one\nof the affected domains could construct a cookie which would be sent\nto all other websites within the domain leading to a session fixation\nattack. This issue does not affect popular domains such as .co.uk,\n.co.in, or .com. The Common Vulnerabilities and Exposures project has\nassigned the name CVE-2004-0721 to this issue.\n\nA frame injection spoofing vulnerability has been discovered in the\nKonqueror web browser. This issue could allow a malicious website to\nshow arbitrary content in a named frame of a different browser window.\nThe Common Vulnerabilities and Exposures project has assigned the name\nCVE-2004-0746 to this issue.\n\nAll users of KDE are advised to upgrade to these packages, which\ncontain backported patches from the KDE team for these issues.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2004-09-09T00:00:00", "title": "Fedora Core 2 : kdebase-3.2.2-6.FC2 (2004-293)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-0721", "CVE-2004-0689", "CVE-2004-0746"], "modified": "2004-09-09T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora_core:2", "p-cpe:/a:fedoraproject:fedora:kdebase-devel", "p-cpe:/a:fedoraproject:fedora:kdebase-debuginfo", "p-cpe:/a:fedoraproject:fedora:kdebase"], "id": "FEDORA_2004-293.NASL", "href": "https://www.tenable.com/plugins/nessus/14691", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2004-293.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(14691);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2004-0689\");\n script_xref(name:\"FEDORA\", value:\"2004-293\");\n\n script_name(english:\"Fedora Core 2 : kdebase-3.2.2-6.FC2 (2004-293)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora Core host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Andrew Tuitt reported that versions of KDE up to and including 3.2.3\ncreate temporary directories with predictable names. A local attacker\ncould prevent KDE applications from functioning correctly, or\noverwrite files owned by other users by creating malicious symlinks.\nThe Common Vulnerabilities and Exposures project has assigned the name\nCVE-2004-0689 to this issue.\n\nWESTPOINT internet reconnaissance services has discovered that the KDE\nweb browser Konqueror allows websites to set cookies for certain\ncountry specific secondary top level domains. An attacker within one\nof the affected domains could construct a cookie which would be sent\nto all other websites within the domain leading to a session fixation\nattack. This issue does not affect popular domains such as .co.uk,\n.co.in, or .com. The Common Vulnerabilities and Exposures project has\nassigned the name CVE-2004-0721 to this issue.\n\nA frame injection spoofing vulnerability has been discovered in the\nKonqueror web browser. This issue could allow a malicious website to\nshow arbitrary content in a named frame of a different browser window.\nThe Common Vulnerabilities and Exposures project has assigned the name\nCVE-2004-0746 to this issue.\n\nAll users of KDE are advised to upgrade to these packages, which\ncontain backported patches from the KDE team for these issues.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/announce/2004-September/000285.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?85153fe0\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected kdebase, kdebase-debuginfo and / or kdebase-devel\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kdebase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kdebase-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kdebase-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora_core:2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/09/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^2([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 2.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC2\", reference:\"kdebase-3.2.2-6.FC2\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"kdebase-debuginfo-3.2.2-6.FC2\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"kdebase-devel-3.2.2-6.FC2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kdebase / kdebase-debuginfo / kdebase-devel\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T13:05:19", "description": "Updated kdelib and kdebase packages that resolve multiple security\nissues are now available.\n\nThe kdelibs packages include libraries for the K Desktop Environment.\nThe kdebase packages include core applications for the K Desktop\nEnvironment.\n\nAndrew Tuitt reported that versions of KDE up to and including 3.2.3\ncreate temporary directories with predictable names. A local attacker\ncould prevent KDE applications from functioning correctly, or\noverwrite files owned by other users by creating malicious symlinks.\nThe Common Vulnerabilities and Exposures project has assigned the name\nCVE-2004-0689 to this issue.\n\nWESTPOINT internet reconnaissance services has discovered that the KDE\nweb browser Konqueror allows websites to set cookies for certain\ncountry specific secondary top level domains. An attacker within one\nof the affected domains could construct a cookie which would be sent\nto all other websites within the domain leading to a session fixation\nattack. This issue does not affect popular domains such as .co.uk,\n.co.in, or .com. The Common Vulnerabilities and Exposures project has\nassigned the name CVE-2004-0721 to this issue.\n\nA frame injection spoofing vulnerability has been discovered in the\nKonqueror web browser. This issue could allow a malicious website to\nshow arbitrary content in a named frame of a different browser window.\nThe Common Vulnerabilities and Exposures project has assigned the name\nCVE-2004-0746 to this issue.\n\nAll users of KDE are advised to upgrade to these erratum packages,\nwhich contain backported patches from the KDE team for these issues.", "edition": 27, "published": "2004-10-06T00:00:00", "title": "RHEL 2.1 / 3 : kdelibs, kdebase (RHSA-2004:412)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-0721", "CVE-2004-0689", "CVE-2004-0746", "CVE-2004-0867", "CVE-2004-0866"], "modified": "2004-10-06T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:3", "cpe:/o:redhat:enterprise_linux:2.1", "p-cpe:/a:redhat:enterprise_linux:kdelibs", "p-cpe:/a:redhat:enterprise_linux:kdelibs-sound-devel", "p-cpe:/a:redhat:enterprise_linux:kdebase", "p-cpe:/a:redhat:enterprise_linux:kdelibs-devel", "p-cpe:/a:redhat:enterprise_linux:arts", "p-cpe:/a:redhat:enterprise_linux:kdebase-devel", "p-cpe:/a:redhat:enterprise_linux:kdelibs-sound"], "id": "REDHAT-RHSA-2004-412.NASL", "href": "https://www.tenable.com/plugins/nessus/15427", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2004:412. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(15427);\n script_version(\"1.27\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2004-0689\", \"CVE-2004-0721\", \"CVE-2004-0746\", \"CVE-2004-0866\", \"CVE-2004-0867\");\n script_xref(name:\"RHSA\", value:\"2004:412\");\n\n script_name(english:\"RHEL 2.1 / 3 : kdelibs, kdebase (RHSA-2004:412)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kdelib and kdebase packages that resolve multiple security\nissues are now available.\n\nThe kdelibs packages include libraries for the K Desktop Environment.\nThe kdebase packages include core applications for the K Desktop\nEnvironment.\n\nAndrew Tuitt reported that versions of KDE up to and including 3.2.3\ncreate temporary directories with predictable names. A local attacker\ncould prevent KDE applications from functioning correctly, or\noverwrite files owned by other users by creating malicious symlinks.\nThe Common Vulnerabilities and Exposures project has assigned the name\nCVE-2004-0689 to this issue.\n\nWESTPOINT internet reconnaissance services has discovered that the KDE\nweb browser Konqueror allows websites to set cookies for certain\ncountry specific secondary top level domains. An attacker within one\nof the affected domains could construct a cookie which would be sent\nto all other websites within the domain leading to a session fixation\nattack. This issue does not affect popular domains such as .co.uk,\n.co.in, or .com. The Common Vulnerabilities and Exposures project has\nassigned the name CVE-2004-0721 to this issue.\n\nA frame injection spoofing vulnerability has been discovered in the\nKonqueror web browser. This issue could allow a malicious website to\nshow arbitrary content in a named frame of a different browser window.\nThe Common Vulnerabilities and Exposures project has assigned the name\nCVE-2004-0746 to this issue.\n\nAll users of KDE are advised to upgrade to these erratum packages,\nwhich contain backported patches from the KDE team for these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2004-0689\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2004-0721\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2004-0746\"\n );\n # http://secunia.com/multiple_browsers_frame_injection_vulnerability_test/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7b658087\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2004:412\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:arts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kdebase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kdebase-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kdelibs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kdelibs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kdelibs-sound\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kdelibs-sound-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:2.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2004/07/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/10/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/10/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(2\\.1|3)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 2.1 / 3.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2004:412\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"arts-2.2.2-13\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"kdebase-2.2.2-12\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"kdebase-devel-2.2.2-12\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"kdelibs-2.2.2-13\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"kdelibs-devel-2.2.2-13\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"kdelibs-sound-2.2.2-13\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"kdelibs-sound-devel-2.2.2-13\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"kdebase-3.1.3-5.4\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"kdebase-devel-3.1.3-5.4\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"kdelibs-3.1.3-6.6\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"kdelibs-devel-3.1.3-6.6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"arts / kdebase / kdebase-devel / kdelibs / kdelibs-devel / etc\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T10:44:38", "description": "According to a KDE Security Advisory, KDE may sometimes create\ntemporary files without properly checking the ownership and type of\nthe target path. This could allow a local attacker to cause KDE\napplications to overwrite arbitrary files.", "edition": 25, "published": "2007-02-09T00:00:00", "title": "FreeBSD : kdelibs insecure temporary file handling (603fe36d-ec9d-11d8-b913-000c41e2cdad)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-0689", "CVE-2004-0690"], "modified": "2007-02-09T00:00:00", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:kdelibs"], "id": "FREEBSD_PKG_603FE36DEC9D11D8B913000C41E2CDAD.NASL", "href": "https://www.tenable.com/plugins/nessus/24307", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(24307);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2004-0689\", \"CVE-2004-0690\");\n\n script_name(english:\"FreeBSD : kdelibs insecure temporary file handling (603fe36d-ec9d-11d8-b913-000c41e2cdad)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"According to a KDE Security Advisory, KDE may sometimes create\ntemporary files without properly checking the ownership and type of\nthe target path. This could allow a local attacker to cause KDE\napplications to overwrite arbitrary files.\"\n );\n # http://www.kde.org/info/security/advisory-20040811-1.txt\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.kde.org/info/security/advisory-20040811-1.txt\"\n );\n # http://www.kde.org/info/security/advisory-20040811-2.txt\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.kde.org/info/security/advisory-20040811-2.txt\"\n );\n # ftp://ftp.kde.org/pub/kde/security_patches/post-3.2.3-kdelibs-kstandarddirs.patch\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d058b34d\"\n );\n # ftp://ftp.kde.org/pub/kde/security_patches/post-3.2.3-kdelibs-dcopserver.patch\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ac90c402\"\n );\n # https://vuxml.freebsd.org/freebsd/603fe36d-ec9d-11d8-b913-000c41e2cdad.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?efecb7ac\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:kdelibs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2004/08/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/08/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/02/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"kdelibs<=3.2.3_3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T10:40:44", "description": "According to a KDE Security Advisory :\n\nWESTPOINT internet reconnaissance services alerted the KDE security\nteam that the KDE web browser Konqueror allows websites to set cookies\nfor certain country specific secondary top level domains.\n\nWebsites operating under the affected domains can set HTTP cookies in\nsuch a way that the Konqueror web browser will send them to all other\nwebsites operating under the same domain. A malicious website can use\nthis as part of a session fixation attack. See e.g.\nhttp://www.acros.si/papers/session_fixation.pdf\n\nAffected are all country specific secondary top level domains that use\nmore than 2 characters in the secondary part of the domain name and\nthat use a secondary part other than com, net, mil, org, gov, edu or\nint. Examples of affected domains are .ltd.uk, .plc.uk and .firm.in\n\nIt should be noted that popular domains such as .co.uk, .co.in and\n.com are NOT affected.", "edition": 26, "published": "2005-07-13T00:00:00", "title": "FreeBSD : kdelibs -- konqueror cross-domain cookie injection (2797b27a-f55b-11d8-81b0-000347a4fa7d)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-0746"], "modified": "2005-07-13T00:00:00", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:kdelibs"], "id": "FREEBSD_PKG_2797B27AF55B11D881B0000347A4FA7D.NASL", "href": "https://www.tenable.com/plugins/nessus/18877", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(18877);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2004-0746\");\n script_bugtraq_id(10991);\n script_xref(name:\"Secunia\", value:\"12341\");\n\n script_name(english:\"FreeBSD : kdelibs -- konqueror cross-domain cookie injection (2797b27a-f55b-11d8-81b0-000347a4fa7d)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"According to a KDE Security Advisory :\n\nWESTPOINT internet reconnaissance services alerted the KDE security\nteam that the KDE web browser Konqueror allows websites to set cookies\nfor certain country specific secondary top level domains.\n\nWebsites operating under the affected domains can set HTTP cookies in\nsuch a way that the Konqueror web browser will send them to all other\nwebsites operating under the same domain. A malicious website can use\nthis as part of a session fixation attack. See e.g.\nhttp://www.acros.si/papers/session_fixation.pdf\n\nAffected are all country specific secondary top level domains that use\nmore than 2 characters in the secondary part of the domain name and\nthat use a secondary part other than com, net, mil, org, gov, edu or\nint. Examples of affected domains are .ltd.uk, .plc.uk and .firm.in\n\nIt should be noted that popular domains such as .co.uk, .co.in and\n.com are NOT affected.\"\n );\n # http://www.kde.org/info/security/advisory-20040823-1.txt\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.kde.org/info/security/advisory-20040823-1.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.acros.si/papers/session_fixation.pdf\"\n );\n # https://vuxml.freebsd.org/freebsd/2797b27a-f55b-11d8-81b0-000347a4fa7d.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6358ba38\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:kdelibs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2004/08/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/08/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/07/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"kdelibs<3.2.3_3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-06T10:02:56", "description": "The SUSE security team was alerted that in some cases the integrity of\nsymlinks used by KDE are not ensured and that these symlinks can be\npointing to stale locations. This can be abused by a local attacker to\ncreate or truncate arbitrary files or to prevent KDE applications from\nfunctioning correctly.", "edition": 25, "published": "2004-09-29T00:00:00", "title": "Debian DSA-539-1 : kdelibs - temporary directory vulnerability", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-0689"], "modified": "2004-09-29T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:3.0", "p-cpe:/a:debian:debian_linux:kdelibs"], "id": "DEBIAN_DSA-539.NASL", "href": "https://www.tenable.com/plugins/nessus/15376", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-539. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(15376);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2004-0689\");\n script_xref(name:\"DSA\", value:\"539\");\n\n script_name(english:\"Debian DSA-539-1 : kdelibs - temporary directory vulnerability\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SUSE security team was alerted that in some cases the integrity of\nsymlinks used by KDE are not ensured and that these symlinks can be\npointing to stale locations. This can be abused by a local attacker to\ncreate or truncate arbitrary files or to prevent KDE applications from\nfunctioning correctly.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2004/dsa-539\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the kde packages.\n\nFor the stable distribution (woody) this problem has been fixed in\nversion 2.2.2-13.woody.12.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kdelibs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/08/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/29\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2004/08/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.0\", prefix:\"kdelibs-dev\", reference:\"2.2.2-13.woody.12\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kdelibs3\", reference:\"2.2.2-13.woody.12\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kdelibs3-bin\", reference:\"2.2.2-13.woody.12\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kdelibs3-cups\", reference:\"2.2.2-13.woody.12\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kdelibs3-doc\", reference:\"2.2.2-13.woody.12\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libarts\", reference:\"2.2.2-13.woody.12\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libarts-alsa\", reference:\"2.2.2-13.woody.12\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libarts-dev\", reference:\"2.2.2-13.woody.12\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libkmid\", reference:\"2.2.2-13.woody.12\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libkmid-alsa\", reference:\"2.2.2-13.woody.12\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libkmid-dev\", reference:\"2.2.2-13.woody.12\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:10", "bulletinFamily": "software", "cvelist": ["CVE-2004-0721", "CVE-2004-0689", "CVE-2004-0690"], "description": "Three security advisories have been issued today for KDE. The first advisory \r\nconcerns the unsafe handling of KDE's temporary directory in certain \r\ncircumstances. The second advisory relates to the unsafe creation of \r\ntemporary files by KDE 3.2.x's dcopserver . The third advisory is about a \r\nframe injection vulnerability in Konqueror as earlier reported by Heise\r\nOnline and Secunia\r\n\r\nDistributions are expected to have updated binary packages available shortly. \r\nAll issues mentioned above have also been fixed in the KDE 3.3 Release \r\nCandidate 2 that was announced yesterday . The final release of KDE 3.3 is \r\nexpected later this month.\r\n\r\nCheers,\r\nWaldo\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nKDE Security Advisory: Temporary Directory Vulnerability\r\nOriginal Release Date: 2004-08-11\r\nURL: http://www.kde.org/info/security/advisory-20040811-1.txt\r\n\r\n0. References\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0689\r\n\r\n\r\n1. Systems affected:\r\n\r\n All versions of KDE up to KDE 3.2.3 inclusive. \r\n\r\n\r\n2. Overview:\r\n\r\n The SUSE security team was alerted that in some cases the\r\n integrity of symlinks used by KDE are not ensured and that\r\n these symlinks can be pointing to stale locations. This can\r\n be abused by a local attacker to create or truncate arbitrary\r\n files or to prevent KDE applications from functioning\r\n correctly (Denial of Service).\r\n\r\n KDE creates in ~/.kde symlinks to a temporary directory, a socket\r\n directory and a cache directory. When a user logs into the KDE\r\n environment the startkde script ensures that these symlinks are\r\n present and point to directories that are owned by the user.\r\n However, when a user runs KDE applications outside the KDE\r\n environment or when a user runs a KDE applications as another user, \r\n such as root, the integrity of these symlinks is not checked and it\r\n is possible that a previously created but now stale symlinks exist.\r\n\r\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\r\n has assigned the name CAN-2004-0689 to this issue.\r\n\r\n\r\n3. Impact:\r\n\r\n When a stale symlink is present a local attacker could create the\r\n directory that the symlink is pointing to with his own credentials\r\n to prevent access to this directory by KDE applications. This can\r\n prevent KDE applications from functioning correctly.\r\n\r\n When a stale symlink is present a local attacker could create the\r\n directory that the symlink is pointing to with his own credentials.\r\n Since KDE applications will attempt to create files with certain\r\n known names in this directory, an attacker can abuse this to overwrite\r\n arbitrary files with the privileges of the user.\r\n\r\n\r\n4. Solution:\r\n\r\n Source code patches have been made available which fix these\r\n vulnerabilities. Contact your OS vendor / binary package provider\r\n for information about how to obtain updated binary packages.\r\n\r\n\r\n5. Patch:\r\n\r\n Patches for KDE 3.0.5b are available from\r\n ftp://ftp.kde.org/pub/kde/security_patches : \r\n\r\n da950a651e69cd810019efce284120fc post-3.0.5b-kdelibs-kstandarddirs.patch\r\n\r\n Patches for KDE 3.1.5 are available from\r\n ftp://ftp.kde.org/pub/kde/security_patches : \r\n\r\n c97ab0cf014adb59e315047210316f5d post-3.1.5-kdelibs-kstandarddirs.patch\r\n\r\n Patches for KDE 3.2.3 are available from\r\n ftp://ftp.kde.org/pub/kde/security_patches : \r\n\r\n 345ce2e01cfdfa4754c47894c0271dcc post-3.2.3-kdelibs-kstandarddirs.patch\r\n\r\n\r\n6. Time line and credits:\r\n\r\n\r\n 23/06/2004 SUSE Security Team alerted by Andrew Tuitt\r\n 26/06/2004 Patches created\r\n 27/07/2004 Vendors notified\r\n 11/08/2004 Public advisory\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.2.2 (GNU/Linux)\r\n\r\niD8DBQFBGioUN4pvrENfboIRAnALAJ9ynwVAnzRtkDghmItkkCTe8qu/eACfabZc\r\nX/9KZihVfSQKjOHvmvBOzv0=\r\n=VM4l\r\n-----END PGP SIGNATURE-----\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nKDE Security Advisory: DCOPServer Temporary Filename Vulnerability\r\nOriginal Release Date: 2004-08-11\r\nURL: http://www.kde.org/info/security/advisory-20040811-2.txt\r\n\r\n0. References\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0690\r\n http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=261386\r\n\r\n1. Systems affected:\r\n\r\n KDE 3.2.x up to KDE 3.2.3 inclusive. \r\n\r\n\r\n2. Overview:\r\n\r\n The Debian project was alerted that KDE's DCOPServer creates\r\n temporary files in an insecure manner. Since the temporary\r\n files are used for authentication related purposes this can\r\n potentially allow a local attacker to compromise the account of\r\n any user which runs a KDE application.\r\n\r\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\r\n has assigned the name CAN-2004-0690 to this issue.\r\n\r\n\r\n3. Impact:\r\n\r\n KDE's DCOPServer creates temporary files in an insecure manner.\r\n Since the temporary files are used for authentication related\r\n purposes this can potentially allow a local attacker to compromise\r\n the account of any user which runs a KDE application.\r\n \r\n\r\n4. Solution:\r\n\r\n Source code patches have been made available which fix these\r\n vulnerabilities. Contact your OS vendor / binary package provider\r\n for information about how to obtain updated binary packages.\r\n\r\n\r\n5. Patch:\r\n\r\n Patches for KDE 3.2.3 are available from\r\n ftp://ftp.kde.org/pub/kde/security_patches : \r\n\r\n 0046c691fa833b2ff8d7eac15312a68b post-3.2.3-kdelibs-dcopserver.patch\r\n\r\n\r\n6. Time line and credits:\r\n\r\n\r\n 25/07/2004 Debian Project alerted by Colin Phipps\r\n 26/07/2004 KDE Security team informed by Chris Cheney\r\n 26/07/2004 Patch created\r\n 27/07/2004 Vendors notified\r\n 11/08/2004 Public advisory\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.2.2 (GNU/Linux)\r\n\r\niD8DBQFBGiosN4pvrENfboIRApSoAJ0S7zbgId9etA3EDrOv5dnFpSUU4wCfd2JK\r\nkHcL+tcXbrH971YcuoEleTQ=\r\n=VHci\r\n-----END PGP SIGNATURE-----\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nKDE Security Advisory: Konqueror Frame Injection Vulnerability\r\nOriginal Release Date: 2004-08-11\r\nURL: http://www.kde.org/info/security/advisory-20040811-3.txt\r\n\r\n0. References\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0721\r\n http://secunia.com/advisories/11978/\r\n http://www.heise.de/newsticker/meldung/48793\r\n http://bugs.kde.org/show_bug.cgi?id=84352\r\n\r\n1. Systems affected:\r\n\r\n All versions of KDE up to KDE 3.2.3 inclusive. \r\n\r\n\r\n2. Overview:\r\n\r\n The Konqueror webbrowser allows websites to load webpages into\r\n a frame of any other frame-based webpage that the user may have open.\r\n\r\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\r\n has assigned the name CAN-2004-0721 to this issue.\r\n\r\n\r\n3. Impact:\r\n\r\n A malicious website could abuse Konqueror to insert its own frames\r\n into the page of an otherwise trusted website. As a result the user\r\n may unknowingly send confidential information intended for the\r\n trusted website to the malicious website.\r\n \r\n\r\n4. Solution:\r\n\r\n Source code patches have been made available which fix these\r\n vulnerabilities. Contact your OS vendor / binary package provider\r\n for information about how to obtain updated binary packages.\r\n\r\n\r\n5. Patch:\r\n\r\n Patches for KDE 3.0.5b are available from\r\n ftp://ftp.kde.org/pub/kde/security_patches : \r\n\r\n aa3ac08a45851a1c33b2fcd435e1d514 post-3.0.5b-kdelibs-htmlframes.patch\r\n dc4dfff2df75d19e527368f56dc92abb post-3.0.5b-kdebase-htmlframes.patch\r\n\r\n Patches for KDE 3.1.5 are available from\r\n ftp://ftp.kde.org/pub/kde/security_patches : \r\n\r\n e6cebe1f93f7497d720018362077dcf7 post-3.1.5-kdelibs-htmlframes.patch\r\n caa562da0735deacba3ae9170f2bf18f post-3.1.5-kdebase-htmlframes.patch\r\n\r\n Patches for KDE 3.2.3 are available from\r\n ftp://ftp.kde.org/pub/kde/security_patches : \r\n\r\n 8384f2785295be7082d9984ba8e175eb post-3.2.3-kdelibs-htmlframes.patch\r\n a60fd1628607d4abdeb930662d126171 post-3.2.3-kdebase-htmlframes.patch\r\n\r\n\r\n6. Time line and credits:\r\n\r\n\r\n 01/07/2004 Secunia publishes security advisory\r\n 04/08/2004 Patches created\r\n 05/08/2004 Vendors notified\r\n 11/08/2004 Public advisory\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.2.2 (GNU/Linux)\r\n\r\niD8DBQFBGioxN4pvrENfboIRAi+mAJ0WMjHog9VRHoDpPodNCwV0RhR0UQCeMNE/\r\nhjSS3bG2/H6ZeaD2VSm9hoI=\r\n=YE7B\r\n-----END PGP SIGNATURE-----", "edition": 1, "modified": "2004-08-12T00:00:00", "published": "2004-08-12T00:00:00", "id": "SECURITYVULNS:DOC:6606", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:6606", "title": "KDE Security Advisories: Temporary File and Konqueror Frame Injection Vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:10", "bulletinFamily": "software", "cvelist": ["CVE-2004-0746"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nKDE Security Advisory: Konqueror Cross-Domain Cookie Injection\r\nOriginal Release Date: 2004-08-23\r\nURL: http://www.kde.org/info/security/advisory-20040823-1.txt\r\n\r\n0. References\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0746\r\n\r\n\r\n1. Systems affected:\r\n\r\n KDE versions up to KDE 3.2.3 inclusive. KDE 3.3 is not affected.\r\n\r\n\r\n2. Overview:\r\n\r\n WESTPOINT internet reconnaissance services alerted the KDE\r\n security team that the KDE web browser Konqueror allows websites\r\n to set cookies for certain country specific secondary top level\r\n domains.\r\n\r\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\r\n has assigned the name CAN-2004-0746 to this issue.\r\n\r\n\r\n3. Impact:\r\n\r\n Web sites operating under the affected domains can set HTTP\r\n cookies in such a way that the Konqueror web browser will send them\r\n to all other web sites operating under the same domain.\r\n A malicious website can use this as part of a session fixation\r\n attack. See e.g. http://www.acros.si/papers/session_fixation.pdf\r\n\r\n Affected are all country specific secondary top level domains that\r\n use more than 2 characters in the secondary part of the domain name\r\n and that use a secondary part other than com, net, mil, org, gov, \r\n edu or int. Examples of affected domains are .ltd.uk, .plc.uk and\r\n .firm.in\r\n\r\n It should be noted that popular domains such as .co.uk, .co.in\r\n and .com are NOT affected.\r\n\r\n\r\n4. Solution:\r\n\r\n Source code patches have been made available which fix these\r\n vulnerabilities. Contact your OS vendor / binary package provider\r\n for information about how to obtain updated binary packages.\r\n\r\n\r\n5. Patch:\r\n\r\n Patches for KDE 3.0.5b are available from\r\n ftp://ftp.kde.org/pub/kde/security_patches : \r\n\r\n 3d83e3235d608176f47d84abdf78e96e post-3.0.5b-kdelibs-kcookiejar.patch\r\n\r\n Patches for KDE 3.1.5 are available from\r\n ftp://ftp.kde.org/pub/kde/security_patches : \r\n\r\n eec46dc123742c23819bd4c396eb87b6 post-3.1.5-kdelibs-kcookiejar.patch\r\n\r\n Patches for KDE 3.2.3 are available from\r\n ftp://ftp.kde.org/pub/kde/security_patches : \r\n\r\n ca12b078c7288ce9b2653e639a5b3ee0 post-3.2.3-kdelibs-kcookiejar.patch\r\n\r\n\r\n6. Time line and credits:\r\n\r\n 16/07/2004 Vulnerability discovered by WESTPOINT\r\n 20/07/2004 KDE Security Team alerted\r\n 20/07/2004 Patches created\r\n 05/08/2004 Vendors notified\r\n 23/08/2004 Public advisory\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.2.2 (GNU/Linux)\r\n\r\niD8DBQFBJyPmN4pvrENfboIRApMgAJwKuhGdpZ/p8Q+q65ciZ+3m9jwb0wCeJGu4\r\nQC3wYjYfsJ7Ek5FyqGIoyjI=\r\n=V9jM\r\n-----END PGP SIGNATURE-----", "edition": 1, "modified": "2004-08-25T00:00:00", "published": "2004-08-25T00:00:00", "id": "SECURITYVULNS:DOC:6666", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:6666", "title": "KDE Security Advisory: Konqueror Cross-Domain Cookie Injection", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:10", "bulletinFamily": "software", "cvelist": ["CVE-2004-0870", "CVE-2004-0872", "CVE-2004-0746", "CVE-2004-0867", "CVE-2004-0869", "CVE-2004-0871", "CVE-2004-0866"], "description": "Westpoint Security Advisory\r\n---------------------------\r\n\r\nTitle: Multiple Browser Cookie Injection Vulnerabilities\r\nRisk Rating: Low\r\nSoftware: Multiple Web Browsers\r\nPlatforms: Unix and Windows\r\nAuthor: Paul Johnston <paul@westpoint.ltd.uk>\r\n assisted by Richard Moore <rich@westpoint.ltd.uk>\r\nDate: 15 September 2004\r\nAdvisory ID#: wp-04-0001\r\nURL: http://www.westpoint.ltd.uk/advisories/wp-04-0001.txt\r\nCVE: Multiple assigned, see main text\r\n\r\nOverview\r\n--------\r\n\r\nA design goal for cookies is to "prevent the sharing of session\r\ninformation between hosts that are in different domains." It appears\r\ncurrent implementations are successful at allowing a domain to keep its\r\ncookies private. However, multiple mechanisms have been discovered for\r\none domain to inject cookies into another. These could be used to\r\nperform session fixation attacks against web applications.\r\n\r\nRecommendations:\r\n * Affected browsers be patched for these vulnerabilities.\r\n * Web applications implement application layer mitigations for session\r\n fixation attacks, as described in [2].\r\n\r\nTested:\r\n Internet Explorer 6.0 for Windows 2000, all patches\r\n Konqueror 3.1.4 for SuSE 9.0\r\n Mozilla Firefox 0.9.2 for Windows 2000\r\n Opera 7.51 for Windows 2000\r\n\r\n\r\nCross-Domain Cookie Injection\r\n-----------------------------\r\nVulnerable:\r\n Konqueror CAN-2004-0746\r\n Internet Explorer CAN-2004-0866\r\n Mozilla CAN-2004-0867\r\nNot vulnerable:\r\n Opera\r\n\r\nBy default, cookies are only sent to the host that issued them. There is\r\nan optional "domain" attribute that overrides this behaviour. For\r\nexample, red.example.com could set a cookie with domain=.example.com.\r\nThis would then be sent to any host in the .example.com domain.\r\n\r\nThere is potential for abuse here, consider the case where\r\nred.example.com sets a cookie with domain=.com. In principle this would\r\nbe sent to any host in the .com domain. However [1] requires browsers to\r\nreject cookies where:\r\n\r\n "The value for the Domain attribute contains no embedded dots"\r\n\r\nThis prevents a cookie being set with domain=.com. However, this does\r\nnot extend to country domains that are split into two parts. For\r\nexample, red.example.co.uk could set a cookie with domain=.co.uk and\r\nthis will be sent to all hosts in the .co.uk domain. Mozilla follows the\r\nRFC exactly and is vulnerable to this. Konqueror and Internet Explorer\r\nhave some further protection, preventing domains of the following forms:\r\n\r\n * Where the 2nd level domain is two or fewer characters, i.e. xx.yy or\r\n x.yy\r\n * Domains of the form (com|net|mil|org|gov|edu|int).yy\r\n\r\nThis does prevent .co.uk cross domain cookie injection but does not\r\nprotect all domains. For example, the following .uk domains are\r\nunprotected:\r\n\r\n .ltd.uk\r\n .plc.uk\r\n .sch.uk\r\n .nhs.uk\r\n .police.uk\r\n .mod.uk\r\n\r\nWhen testing with Opera, it appeared that browser always correctly\r\ndetected the domain. It is not immediately clear how Opera does this\r\ncheck.\r\n\r\nExample exploitation:\r\n 1) http://example.ltd.uk/ is identified for attack. It uses the "sid"\r\n cookie to hold the session ID.\r\n 2) Attacker obtains attacker.ltd.uk domain\r\n 3) User is enticed to click link to http://attacker.ltd.uk/\r\n 4) This site sets the "sid" cookie with domain=.ltd.uk\r\n 5) When user logs into example.ltd.uk, they are using a sesion ID known\r\n to the attacker.\r\n 6) Attacker now has a logged-in session ID and has compromised the\r\n user's account.\r\n\r\nExploitation is dependent on the user clicking an untrusted link.\r\nHowever, it is fundamental to the use of the web that we do sometimes\r\nclick untrusted links. This attack can happen regardless of the use of SSL.\r\n\r\n\r\nCross Security Boundary Cookie Injection\r\n----------------------------------------\r\nVulnerable:\r\n Internet Explorer CAN-2004-0869\r\n Konqueror CAN-2004-0870\r\n Mozilla CAN-2004-0871\r\n Opera CAN-2004-0872\r\n\r\nBy default cookies are sent to all ports on the host that issued them,\r\nregardless of whether SSL is in use. There is an optional "secure"\r\nattribute that restricts sending to secure channels. This prevents\r\nsecure cookies leaking out over insecure channels. However, there is no\r\nprotection to prevent cookies set over a non-secure channel being\r\npresented on a secure channel. In general to maintain proper boundaries\r\nbetween security levels, it is necessary to defend against both attacks\r\n - protecting both confidentiality and integrity.\r\n\r\nExample exploitation:\r\n 1) https://example.com/ identified for attack, which uses "sid" cookie\r\n as session ID.\r\n 2) User is enticed to click link to http://example.com/\r\n 3) By some mechanism the attacker intercepts this request and sets the\r\n "sid" cookie\r\n 4) When user logs into https://example.com/ they are using a sesion ID\r\n known to the attacker.\r\n 5) Attacker now has a logged-in session ID and has compromised the\r\n user's account.\r\n\r\nIn addition to the user clicking an untrusted link, exploitation is\r\ndependent on the attacker tampering with non-SSL network traffic. This\r\nis a reasonable assumption as the purpose of SSL is to provide security\r\nover an insecure network.\r\n\r\n\r\nReferences\r\n----------\r\n\r\n[1] RFC2965 - HTTP State Management Mechanism\r\n http://www.ietf.org/rfc/rfc2965.txt\r\n\r\n[2] Session Fixation Vulnerability in Web-based Applications\r\n http://www.acros.si/papers/session_fixation.pdf\r\n\r\n[3] Persistent Client State - HTTP Cookies\r\n http://www.netscape.com/newsref/std/cookie_spec.html\r\n\r\n[4] Cookies and Cookie Handling in Opera 7 Explained\r\n http://o.bulport.com/index.php?item=55\r\n\r\n\r\nHistory\r\n-------\r\n\r\n16 July 2004 Vulnerabilities discovered\r\n\r\n20 July 2004 Vendors informed\r\n\r\n20 July 2004 Mozilla bug opened\r\n\r\n http://bugzilla.mozilla.org/show_bug.cgi?id=252342\r\n\r\n The discussion shows that the cross domain problem is a long standing\r\n known bug. However, one contibutor claimed the exploit is being used in\r\n the wild. Several fixes were suggested and it appears this bug will be\r\n addressed soon.\r\n\r\n No discussion of the SSL vs non-SSL problem.\r\n\r\n21 July 2004 Opera respond\r\n\r\n The response explains that they take the cross domain problem\r\n seriously, and that they have solved it by doing a DNS lookup on the\r\n specified domain. Some information is available in [4].\r\n\r\n They also explained that they could not solve the cross security\r\n boundary problem without breaking standards and existing web apps.\r\n\r\n This problem has previously been reported as the "Cookie Monster bug"\r\n http://www.securiteam.com/exploits/Cookie_Monster_vulnerability.html\r\n\r\n23 July 2004 Konqueror respond\r\n\r\n Explain that they intend to fix the cross domain problem by including a\r\n list of ccTLDs that, like .uk, require 3 dots. The domain are:\r\n\r\n name,ai,au,bd,bh,ck,eg,et,fk,il,in,kh,kr,mk,mt,na,\r\n np,nz,pg,pk,qa,sa,sb,sg,sv,ua,ug,uk,uy,vn,za,zw\r\n\r\n The brief discussion of the cross security boundary suggests they do\r\n not consider it possible to solve at this time.\r\n\r\n23 Aug 2004 KDE Security Advisory released\r\n\r\n http://www.kde.org/info/security/advisory-20040823-1.txt\r\n\r\n KDE issue an advisory stating the cross-domain problem is fixed in KDE\r\n 3.3. Patches are also available for older 3.x versions.\r\n\r\n13 Sept 2004 Vendors notified of impending release\r\n\r\n14 Sept 2004 CVE candidates assigned for other issues\r\n\r\n15 Sept 2004 Microsoft respond\r\n\r\n Best practice for web sites to resist session fixation attacks is to\r\n change the session ID after authentication. They are looking at ways to\r\n address this in the browser. As this may cause compatibility issues and\r\n the issue is low risk, they have not commited to a timeline.\r\n\r\n15 Sept 2004 Advisory published\r\n\r\n\r\nThanks\r\n------\r\n\r\nMany thanks to the vendors for their responses. Also, thanks to Steven\r\nChristey for assigning CVE numbers.\r\n\r\n\r\n\r\n\r\n\r\n-- \r\nPaul Johnston\r\nInternet Security Specialist\r\nWestpoint Limited\r\nAlbion Wharf, 19 Albion Street,\r\nManchester, M1 5LN\r\nEngland\r\nTel: +44 (0)161 237 1028\r\nFax: +44 (0)161 237 1031\r\nemail: paul@westpoint.ltd.uk\r\nweb: www.westpoint.ltd.uk\r\n\r\n\r\n\r\n\r\n", "edition": 1, "modified": "2004-09-17T00:00:00", "published": "2004-09-17T00:00:00", "id": "SECURITYVULNS:DOC:6832", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:6832", "title": "wp-04-0001: Multiple Browser Cookie Injection Vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "redhat": [{"lastseen": "2019-08-13T18:46:45", "bulletinFamily": "unix", "cvelist": ["CVE-2004-0689", "CVE-2004-0721", "CVE-2004-0746"], "description": "The kdelibs packages include libraries for the K Desktop Environment.\nThe kdebase packages include core applications for the K Desktop Environment.\n\nAndrew Tuitt reported that versions of KDE up to and including 3.2.3 create\ntemporary directories with predictable names. A local attacker could\nprevent KDE applications from functioning correctly, or overwrite files\nowned by other users by creating malicious symlinks. The Common\nVulnerabilities and Exposures project has assigned the name CAN-2004-0689\nto this issue.\n\nWESTPOINT internet reconnaissance services has discovered that the KDE web\nbrowser Konqueror allows websites to set cookies for certain country\nspecific secondary top level domains. An attacker within one of the\naffected domains could construct a cookie which would be sent to all other\nwebsites within the domain leading to a session fixation attack. This\nissue does not affect popular domains such as .co.uk, .co.in, or .com. The\nCommon Vulnerabilities and Exposures project has assigned the name\nCAN-2004-0721 to this issue.\n\nA frame injection spoofing vulnerability has been discovered in the\nKonqueror web browser. This issue could allow a malicious website to show\narbitrary content in a named frame of a different browser window. The\nCommon Vulnerabilities and Exposures project has assigned the name\nCAN-2004-0746 to this issue.\n\nAll users of KDE are advised to upgrade to these erratum packages,\nwhich contain backported patches from the KDE team for these issues.", "modified": "2019-03-22T23:43:33", "published": "2004-10-05T04:00:00", "id": "RHSA-2004:412", "href": "https://access.redhat.com/errata/RHSA-2004:412", "type": "redhat", "title": "(RHSA-2004:412) kdelibs, kdebase security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "freebsd": [{"lastseen": "2019-05-29T18:35:15", "bulletinFamily": "unix", "cvelist": ["CVE-2004-0689", "CVE-2004-0690"], "description": "\nAccording to a KDE Security Advisory, KDE may sometimes\n\t create temporary files without properly checking the ownership\n\t and type of the target path.\tThis could allow a local\n\t attacker to cause KDE applications to overwrite arbitrary\n\t files.\n", "edition": 4, "modified": "2004-08-11T00:00:00", "published": "2004-08-11T00:00:00", "id": "603FE36D-EC9D-11D8-B913-000C41E2CDAD", "href": "https://vuxml.freebsd.org/freebsd/603fe36d-ec9d-11d8-b913-000c41e2cdad.html", "title": "kdelibs insecure temporary file handling", "type": "freebsd", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:14", "bulletinFamily": "unix", "cvelist": ["CVE-2004-0746"], "description": "\nAccording to a KDE Security Advisory:\n\nWESTPOINT internet reconnaissance services alerted the\n\t KDE security team that the KDE web browser Konqueror\n\t allows websites to set cookies for certain country\n\t specific secondary top level domains.\nWeb sites operating under the affected domains can\n\t set HTTP cookies in such a way that the Konqueror web\n\t browser will send them to all other web sites operating\n\t under the same domain. A malicious website can use\n\t this as part of a session fixation attack. See e.g.\n\t http://www.acros.si/papers/session_fixation.pdf\nAffected are all country specific secondary top level\n\t domains that use more than 2 characters in the secondary\n\t part of the domain name and that use a secondary part other\n\t than com, net, mil, org, gov, edu or int. Examples of\n\t affected domains are .ltd.uk, .plc.uk and .firm.in\nIt should be noted that popular domains such as .co.uk, .co.in\n\t and .com are NOT affected.\n\n", "edition": 4, "modified": "2004-08-23T00:00:00", "published": "2004-08-23T00:00:00", "id": "2797B27A-F55B-11D8-81B0-000347A4FA7D", "href": "https://vuxml.freebsd.org/freebsd/2797b27a-f55b-11d8-81b0-000347a4fa7d.html", "title": "kdelibs -- konqueror cross-domain cookie injection", "type": "freebsd", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:13", "bulletinFamily": "unix", "cvelist": ["CVE-2004-0717", "CVE-2004-0718", "CVE-2004-0721"], "description": "\nA class of bugs affecting many web browsers in the same way\n\t was discovered. A Secunia advisory reports:\n\nThe problem is that the browsers don't check if a target\n\t frame belongs to a website containing a malicious link,\n\t which therefore doesn't prevent one browser window from\n\t loading content in a named frame in another window.\nSuccessful exploitation allows a malicious website to load\n\t arbitrary content in an arbitrary frame in another browser\n\t window owned by e.g. a trusted site.\n\nA KDE Security Advisory reports:\n\nA malicious website could abuse Konqueror to insert\n\t its own frames into the page of an otherwise trusted\n\t website. As a result the user may unknowingly send\n\t confidential information intended for the trusted website\n\t to the malicious website.\n\nSecunia has provided a demonstration of the vulnerability at http://secunia.com/multiple_browsers_frame_injection_vulnerability_test/.\n", "edition": 4, "modified": "2004-09-14T00:00:00", "published": "2004-08-11T00:00:00", "id": "641859E8-ECA1-11D8-B913-000C41E2CDAD", "href": "https://vuxml.freebsd.org/freebsd/641859e8-eca1-11d8-b913-000c41e2cdad.html", "title": "Mutiple browser frame injection vulnerability", "type": "freebsd", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:03", "bulletinFamily": "software", "cvelist": ["CVE-2004-0690"], "edition": 1, "description": "## Vulnerability Description\nKDE DCOPServer contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is due to the DCOPServer not creating temporary files in a secure manner. This may allow an attacker to use a symlink style of attack to gain access to user credentials causing a loss of integrity.\n## Solution Description\nCurrently, there are no known workarounds or upgrades to correct this issue. However, KDE has released a patch to address this vulnerability.\n## Short Description\nKDE DCOPServer contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is due to the DCOPServer not creating temporary files in a secure manner. This may allow an attacker to use a symlink style of attack to gain access to user credentials causing a loss of integrity.\n## References:\n[Vendor Specific Advisory URL](http://www.kde.org/info/security/advisory-20040811-2.txt)\nSecurity Tracker: 1010932\n[Secunia Advisory ID:12276](https://secuniaresearch.flexerasoftware.com/advisories/12276/)\n[Secunia Advisory ID:12465](https://secuniaresearch.flexerasoftware.com/advisories/12465/)\n[Secunia Advisory ID:12343](https://secuniaresearch.flexerasoftware.com/advisories/12343/)\n[Secunia Advisory ID:12284](https://secuniaresearch.flexerasoftware.com/advisories/12284/)\n[Secunia Advisory ID:12495](https://secuniaresearch.flexerasoftware.com/advisories/12495/)\n[Secunia Advisory ID:12521](https://secuniaresearch.flexerasoftware.com/advisories/12521/)\n[Related OSVDB ID: 8589](https://vulners.com/osvdb/OSVDB:8589)\nOther Advisory URL: http://security.gentoo.org/glsa/glsa-200408-13.xml\nOther Advisory URL: http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.440345\nOther Advisory URL: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=261386\nOther Advisory URL: http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:086\nOther Advisory URL: http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000864\n[CVE-2004-0690](https://vulners.com/cve/CVE-2004-0690)\n", "modified": "2004-08-11T04:53:53", "published": "2004-08-11T04:53:53", "href": "https://vulners.com/osvdb/OSVDB:8590", "id": "OSVDB:8590", "type": "osvdb", "title": "KDE DCOPServer Insecure Temporary File Privilege Escalation", "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:04", "bulletinFamily": "software", "cvelist": ["CVE-2004-0746"], "edition": 1, "description": "## Vulnerability Description\nKDE contains a flaw that may allow a malicious user to conduct session fixation attacks. The issue is triggered when a remote attacker sets cookies for the websites of certain country-specific secondary top-level domains, which will fix a session by setting a known session ID in a cookie. It is possible that the flaw may allow a session hijacking, resulting in a loss of integrity.\n## Technical Description\nSuccessful exploitation may allow a session to be hijacked, but requires that the domain does not end in \".com\", \".net\", \".mil\", \".org\", \".gov\", \".edu\", nor \".int\" and the secondary part has more than two characters (e.g. \".plc.uk\").\n## Solution Description\nCurrently, there are no known workarounds or upgrades to correct this issue. However, KDE has released a patch to address this vulnerability.\n## Short Description\nKDE contains a flaw that may allow a malicious user to conduct session fixation attacks. The issue is triggered when a remote attacker sets cookies for the websites of certain country-specific secondary top-level domains, which will fix a session by setting a known session ID in a cookie. It is possible that the flaw may allow a session hijacking, resulting in a loss of integrity.\n## References:\nSecurity Tracker: 1011017\n[Secunia Advisory ID:12369](https://secuniaresearch.flexerasoftware.com/advisories/12369/)\n[Secunia Advisory ID:12465](https://secuniaresearch.flexerasoftware.com/advisories/12465/)\n[Secunia Advisory ID:12725](https://secuniaresearch.flexerasoftware.com/advisories/12725/)\n[Secunia Advisory ID:12341](https://secuniaresearch.flexerasoftware.com/advisories/12341/)\n[Secunia Advisory ID:12495](https://secuniaresearch.flexerasoftware.com/advisories/12495/)\n[Secunia Advisory ID:12521](https://secuniaresearch.flexerasoftware.com/advisories/12521/)\nOther Advisory URL: http://www.kde.org/info/security/advisory-20040823-1.txt\nOther Advisory URL: http://rhn.redhat.com/errata/RHSA-2004-412.html\nOther Advisory URL: http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.440345\nOther Advisory URL: http://security.gentoo.org/glsa/glsa-200408-23.xml\nOther Advisory URL: http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000864\n[CVE-2004-0746](https://vulners.com/cve/CVE-2004-0746)\n", "modified": "2004-08-23T11:58:48", "published": "2004-08-23T11:58:48", "id": "OSVDB:9117", "href": "https://vulners.com/osvdb/OSVDB:9117", "title": "KDE Cross-Domain Cookie Injection", "type": "osvdb", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:03", "bulletinFamily": "software", "cvelist": ["CVE-2004-0689"], "edition": 1, "description": "## Vulnerability Description\nKDE DCOPServer contains a flaw that may allow a malicious user to compromise local user accounts. The issue is triggered when DCOPserver creates insecure temporary files which may be used for authentication purposes occurs. It is possible that the flaw may allow a local attacker to compromise local accounts that run applications within KDE resulting in a loss of confidentiality, and integrity.\n## Solution Description\nCurrently, there are no known workarounds or upgrades to correct this issue. However, KDE has released a patch to address this vulnerability.\n## Short Description\nKDE DCOPServer contains a flaw that may allow a malicious user to compromise local user accounts. The issue is triggered when DCOPserver creates insecure temporary files which may be used for authentication purposes occurs. It is possible that the flaw may allow a local attacker to compromise local accounts that run applications within KDE resulting in a loss of confidentiality, and integrity.\n## References:\n[Vendor Specific Advisory URL](http://www.kde.org/info/security/advisory-20040811-1.txt)\n[Secunia Advisory ID:12276](https://secuniaresearch.flexerasoftware.com/advisories/12276/)\n[Secunia Advisory ID:12311](https://secuniaresearch.flexerasoftware.com/advisories/12311/)\n[Secunia Advisory ID:12465](https://secuniaresearch.flexerasoftware.com/advisories/12465/)\n[Secunia Advisory ID:12343](https://secuniaresearch.flexerasoftware.com/advisories/12343/)\n[Secunia Advisory ID:12725](https://secuniaresearch.flexerasoftware.com/advisories/12725/)\n[Secunia Advisory ID:12284](https://secuniaresearch.flexerasoftware.com/advisories/12284/)\n[Secunia Advisory ID:12495](https://secuniaresearch.flexerasoftware.com/advisories/12495/)\n[Secunia Advisory ID:12521](https://secuniaresearch.flexerasoftware.com/advisories/12521/)\n[Related OSVDB ID: 8590](https://vulners.com/osvdb/OSVDB:8590)\nOther Advisory URL: http://security.gentoo.org/glsa/glsa-200408-13.xml\nOther Advisory URL: http://rhn.redhat.com/errata/RHSA-2004-412.html\nOther Advisory URL: http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.440345\nOther Advisory URL: http://www.debian.org/security/2004/dsa-539\nOther Advisory URL: http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:086\nOther Advisory URL: http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000864\n[CVE-2004-0689](https://vulners.com/cve/CVE-2004-0689)\n", "modified": "2004-08-11T04:53:53", "published": "2004-08-11T04:53:53", "href": "https://vulners.com/osvdb/OSVDB:8589", "id": "OSVDB:8589", "type": "osvdb", "title": "KDE DCOPServer Insecure Temporary File Manipulation", "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:05", "bulletinFamily": "software", "cvelist": ["CVE-2004-0746", "CVE-2004-0867", "CVE-2004-0866"], "edition": 1, "description": "# No description provided by the source\n\n## References:\nSecurity Tracker: 1011332\nSecurity Tracker: 1011331\n[Secunia Advisory ID:12581](https://secuniaresearch.flexerasoftware.com/advisories/12581/)\n[Secunia Advisory ID:12580](https://secuniaresearch.flexerasoftware.com/advisories/12580/)\n[Secunia Advisory ID:12725](https://secuniaresearch.flexerasoftware.com/advisories/12725/)\nOther Advisory URL: http://rhn.redhat.com/errata/RHSA-2004-412.html\nOther Advisory URL: http://www.westpoint.ltd.uk/advisories/wp-04-0001.txt\n[CVE-2004-0866](https://vulners.com/cve/CVE-2004-0866)\n[CVE-2004-0867](https://vulners.com/cve/CVE-2004-0867)\n[CVE-2004-0746](https://vulners.com/cve/CVE-2004-0746)\n", "modified": "2004-09-15T00:00:00", "published": "2004-09-15T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:10002", "id": "OSVDB:10002", "type": "osvdb", "title": "Multiple Browser Cross-Domain Cookie Injection", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:02", "bulletinFamily": "software", "cvelist": ["CVE-2004-1158", "CVE-2004-0717", "CVE-2004-0718", "CVE-2005-1937", "CVE-2004-0721", "CVE-2004-0719", "CVE-2004-0720"], "edition": 1, "description": "## Vulnerability Description\nMultiple Web Browsers contain a flaw that may allow a malicious user to spoof the content of websites. The issue is triggered when arbitrary content is loaded from a malicious website in an separate frame in another browser window. It is possible that this flaw may allow content to load that appears to originate from a trusted site, resulting in a loss of integrity.\n## Technical Description\nWhile this vulnerability dates back to 1998, many web browsers since then have been coded with this issue. In other cases, some web browsers such as Firefox and Mozilla have fixed the vulnerability and then re-introduced it in later versions.\n## Solution Description\nDepending upon the vendor, either upgrade to the most recent release or install the available patches, as these solutions have been reported to fix this vulnerability. It is also possible to correct the flaw by implementing the following workaround(s): do not visit or follow links from untrusted websites.\n## Short Description\nMultiple Web Browsers contain a flaw that may allow a malicious user to spoof the content of websites. The issue is triggered when arbitrary content is loaded from a malicious website in an separate frame in another browser window. It is possible that this flaw may allow content to load that appears to originate from a trusted site, resulting in a loss of integrity.\n## References:\nVendor Specific Solution URL: http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX01230\nVendor Specific News/Changelog Entry: https://bugzilla.mozilla.org/show_bug.cgi?id=246448\nVendor Specific News/Changelog Entry: http://bugs.debian.org/261740\n[Vendor Specific Advisory URL](http://docs.info.apple.com/article.html?artnum=61798)\n[Vendor Specific Advisory URL](http://www.mozilla.org/security/announce/mfsa2005-51.html)\n[Vendor Specific Advisory URL](ftp://ftp.sco.com/pub/openserver5/507/mp/osr507mp4/osr507mp4.htm)\n[Vendor Specific Advisory URL](http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBOV01229)\n[Vendor Specific Advisory URL](http://sunsolve.sun.com/search/document.do?assetkey=1-26-101952-1)\n[Vendor Specific Advisory URL](ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt)\n[Vendor Specific Advisory URL](http://www.kde.org/info/security/advisory-20040811-3.txt)\n[Vendor Specific Advisory URL](http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX01231)\nSecurity Tracker: 1011177\n[Secunia Advisory ID:13477](https://secuniaresearch.flexerasoftware.com/advisories/13477/)\n[Secunia Advisory ID:16095](https://secuniaresearch.flexerasoftware.com/advisories/16095/)\n[Secunia Advisory ID:16233](https://secuniaresearch.flexerasoftware.com/advisories/16233/)\n[Secunia Advisory ID:16418](https://secuniaresearch.flexerasoftware.com/advisories/16418/)\n[Secunia Advisory ID:16437](https://secuniaresearch.flexerasoftware.com/advisories/16437/)\n[Secunia Advisory ID:16473](https://secuniaresearch.flexerasoftware.com/advisories/16473/)\n[Secunia Advisory ID:16797](https://secuniaresearch.flexerasoftware.com/advisories/16797/)\n[Secunia Advisory ID:17057](https://secuniaresearch.flexerasoftware.com/advisories/17057/)\n[Secunia Advisory ID:11966](https://secuniaresearch.flexerasoftware.com/advisories/11966/)\n[Secunia Advisory ID:12465](https://secuniaresearch.flexerasoftware.com/advisories/12465/)\n[Secunia Advisory ID:13486](https://secuniaresearch.flexerasoftware.com/advisories/13486/)\n[Secunia Advisory ID:13560](https://secuniaresearch.flexerasoftware.com/advisories/13560/)\n[Secunia Advisory ID:15432](https://secuniaresearch.flexerasoftware.com/advisories/15432/)\n[Secunia Advisory ID:16141](https://secuniaresearch.flexerasoftware.com/advisories/16141/)\n[Secunia Advisory ID:16157](https://secuniaresearch.flexerasoftware.com/advisories/16157/)\n[Secunia Advisory ID:16257](https://secuniaresearch.flexerasoftware.com/advisories/16257/)\n[Secunia Advisory ID:16326](https://secuniaresearch.flexerasoftware.com/advisories/16326/)\n[Secunia Advisory ID:16446](https://secuniaresearch.flexerasoftware.com/advisories/16446/)\n[Secunia Advisory ID:17645](https://secuniaresearch.flexerasoftware.com/advisories/17645/)\n[Secunia Advisory ID:12283](https://secuniaresearch.flexerasoftware.com/advisories/12283/)\n[Secunia Advisory ID:12343](https://secuniaresearch.flexerasoftware.com/advisories/12343/)\n[Secunia Advisory ID:12725](https://secuniaresearch.flexerasoftware.com/advisories/12725/)\n[Secunia Advisory ID:12491](https://secuniaresearch.flexerasoftware.com/advisories/12491/)\n[Secunia Advisory ID:15602](https://secuniaresearch.flexerasoftware.com/advisories/15602/)\n[Secunia Advisory ID:16151](https://secuniaresearch.flexerasoftware.com/advisories/16151/)\n[Secunia Advisory ID:16197](https://secuniaresearch.flexerasoftware.com/advisories/16197/)\n[Secunia Advisory ID:16894](https://secuniaresearch.flexerasoftware.com/advisories/16894/)\n[Secunia Advisory ID:17235](https://secuniaresearch.flexerasoftware.com/advisories/17235/)\n[Secunia Advisory ID:11978](https://secuniaresearch.flexerasoftware.com/advisories/11978/)\n[Secunia Advisory ID:12284](https://secuniaresearch.flexerasoftware.com/advisories/12284/)\n[Secunia Advisory ID:12495](https://secuniaresearch.flexerasoftware.com/advisories/12495/)\n[Secunia Advisory ID:12521](https://secuniaresearch.flexerasoftware.com/advisories/12521/)\n[Secunia Advisory ID:12747](https://secuniaresearch.flexerasoftware.com/advisories/12747/)\n[Secunia Advisory ID:15601](https://secuniaresearch.flexerasoftware.com/advisories/15601/)\n[Secunia Advisory ID:16164](https://secuniaresearch.flexerasoftware.com/advisories/16164/)\n[Secunia Advisory ID:16168](https://secuniaresearch.flexerasoftware.com/advisories/16168/)\n[Secunia Advisory ID:16230](https://secuniaresearch.flexerasoftware.com/advisories/16230/)\nRedHat RHSA: RHSA-2005:587\nRedHat RHSA: RHSA-2005:586\nOther Advisory URL: http://security.gentoo.org/glsa/glsa-200408-13.xml\nOther Advisory URL: http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:082\nOther Advisory URL: http://rhn.redhat.com/errata/RHSA-2004-412.html\nOther Advisory URL: http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:150\nOther Advisory URL: http://www.kde.org/info/security/advisory-20041213-1.txt\nOther Advisory URL: http://www.ubuntulinux.org/support/documentation/usn/usn-149-1\nOther Advisory URL: http://lists.suse.com/archive/suse-security-announce/2005-Jul/0006.html\nOther Advisory URL: ftp://patches.sgi.com/support/free/security/advisories/20050802-01-U.asc\nOther Advisory URL: http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.440345\nOther Advisory URL: http://www.suse.de/de/security/2004_36_mozilla.html\nOther Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200412-16.xml\nOther Advisory URL: ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.25/SCOSA-2005.25.txt\nOther Advisory URL: http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.418880\nOther Advisory URL: http://www.debian.org/security/2005/dsa-810\nOther Advisory URL: http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:086\nOther Advisory URL: http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000864\nOther Advisory URL: http://security.gentoo.org/glsa/glsa-200507-14.xml\nOther Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200507-24.xml\nOther Advisory URL: http://www.ubuntulinux.org/support/documentation/usn/usn-155-1\nOther Advisory URL: http://frontal1.mandriva.com/security/advisories?name=MDKSA-2005:128\nOther Advisory URL: http://www.novell.com/linux/security/advisories/2005_45_mozilla.html\nOther Advisory URL: http://www.debian.org/security/2005/dsa-775\nOther Advisory URL: http://www.debian.org/security/2005/dsa-777\nMicrosoft Security Bulletin: ms98-020\nMail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2004-10/1036.html\nMail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2004-10/1038.html\nMail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2004-10/1037.html\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-09/0236.html\nKeyword: HPSBOV01229\nKeyword: SSRT5999\nKeyword: SCOSA-2005.49\nISS X-Force ID: 1598\nGeneric Exploit URL: http://packetstormsecurity.org/0401-exploits/malwareSpoof.txt\n[CVE-2004-0718](https://vulners.com/cve/CVE-2004-0718)\n[CVE-2004-0721](https://vulners.com/cve/CVE-2004-0721)\n[CVE-2004-0719](https://vulners.com/cve/CVE-2004-0719)\n[CVE-2004-0720](https://vulners.com/cve/CVE-2004-0720)\n[CVE-2005-1937](https://vulners.com/cve/CVE-2005-1937)\n[CVE-2004-1158](https://vulners.com/cve/CVE-2004-1158)\n[CVE-2004-0717](https://vulners.com/cve/CVE-2004-0717)\nBugtraq ID: 11140\nBugtraq ID: 10921\n", "modified": "1998-12-03T00:00:00", "published": "1998-12-03T00:00:00", "id": "OSVDB:7296", "href": "https://vulners.com/osvdb/OSVDB:7296", "title": "Multiple Browser Frame Injection Spoofing", "type": "osvdb", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "cert": [{"lastseen": "2020-09-18T20:43:47", "bulletinFamily": "info", "cvelist": ["CVE-2004-0690"], "description": "### Overview \n\nKDE DCOPServer insecurely creates and maintains temporary files used for authentication purposes. Unauthorized local users may be able to modify user account information and execute arbitrary commands with the privileges of the compromised account.\n\n### Description \n\nThe Desktop COmmunications Protocol (DCOP) is a lightweight mechanism to facilitate inter-process communication over sockets. The KDE DCOPServer is an implementation of DCOP for the KDE Desktop Environment. Reports claim the KDE DCOPServer insecurely creates temporary files potentially allowing unauthorized local users to access and modify them. Affected versions include all releases within the 3.2.x branch. \n \n--- \n \n### Impact \n\nAn unauthorized local user may be able to view and change user account information leading to execution of arbitrary commands with the privileges of the compromised account. \n \n--- \n \n### Solution \n\n**Apply patches for KDE 3.2.3:**\n\n` \n``_<ftp://ftp.kde.org/pub/kde/security_patches/post-3.2.3-kdelibs-dcopserver.patch>_` \n \n--- \n \n### Vendor Information\n\n330638\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Additional information available\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n**Javascript is disabled. Click here to view vendors.**\n\n### KDE Desktop Environment Project Affected\n\nUpdated: August 19, 2004 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23330638 Feedback>).\n\n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | | \nTemporal | | \nEnvironmental | | \n \n \n\n\n### References \n\n * <http://www.kde.org/info/security/advisory-20040811-2.txt>\n * <http://secunia.com/advisories/12276/>\n * <http://www.securitytracker.com/alerts/2004/Aug/1010932.html>\n * <http://www.securityfocus.com/bid/10924/info/>\n * <http://www.osvdb.org/displayvuln.php?osvdb_id=8589>\n\n### Acknowledgements\n\nThis vulnerability was reported by Waldo Bastian.\n\nThis document was written by Jeff Gennari.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2004-0690](<http://web.nvd.nist.gov/vuln/detail/CVE-2004-0690>) \n---|--- \n**Severity Metric:** | 0.46 \n**Date Public:** | 2004-08-11 \n**Date First Published:** | 2004-09-07 \n**Date Last Updated: ** | 2004-10-06 15:41 UTC \n**Document Revision: ** | 111 \n", "modified": "2004-10-06T15:41:00", "published": "2004-09-07T00:00:00", "id": "VU:330638", "href": "https://www.kb.cert.org/vuls/id/330638", "type": "cert", "title": "KDE DCOPServer insecurely creates temporary files", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2020-11-11T13:28:06", "bulletinFamily": "unix", "cvelist": ["CVE-2004-0689"], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 539-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nAugust 17th, 2004 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : kdelibs\nVulnerability : temporary directory vulnerability\nProblem-Type : local\nDebian-specific: no\nCVE ID : CAN-2004-0689\n\nThe SUSE security team was alerted that in some cases the integrity of\nsymlinks used by KDE are not ensured and that these symlinks can be\npointing to stale locations. This can be abused by a local attacker\nto create or truncate arbitrary files or to prevent KDE applications\nfrom functioning correctly.\n\nFor the stable distribution (woody) this problem has been fixed in\nversion 2.2.2-13.woody.12.\n\nFor the unstable distribution (sid) this problem has been fixed in\nversion 3.3.0-1.\n\nWe recommend that you upgrade your kde packages.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs_2.2.2-13.woody.12.dsc\n Size/MD5 checksum: 1355 d3a686303d44d4d7267d003437c61d6f\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs_2.2.2-13.woody.12.diff.gz\n Size/MD5 checksum: 60237 a247b433ae9405adb8ba32ac64366ea9\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs_2.2.2.orig.tar.gz\n Size/MD5 checksum: 6396699 7a9277a2e727821338f751855c2ce5d3\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-doc_2.2.2-13.woody.12_all.deb\n Size/MD5 checksum: 2565330 94ae7a9f2aa13f0d5af53e84711b48df\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs-dev_2.2.2-13.woody.12_alpha.deb\n Size/MD5 checksum: 757648 070939992e3f91d5e4af7459bcbc65bd\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3_2.2.2-13.woody.12_alpha.deb\n Size/MD5 checksum: 7553152 8a38dc59758c98f0ffc45ff30d35545f\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-bin_2.2.2-13.woody.12_alpha.deb\n Size/MD5 checksum: 137540 828a37e54007e3ee26ead1022225c4fb\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-cups_2.2.2-13.woody.12_alpha.deb\n Size/MD5 checksum: 202136 c149dbf59fb5e2b4cc86b6efedb11798\n http://security.debian.org/pool/updates/main/k/kdelibs/libarts_2.2.2-13.woody.12_alpha.deb\n Size/MD5 checksum: 1022454 ae3ee30c6da6c2bd359f19aa95d35164\n http://security.debian.org/pool/updates/main/k/kdelibs/libarts-alsa_2.2.2-13.woody.12_alpha.deb\n Size/MD5 checksum: 1029338 a859bc42892d2254b49e78e7804e5572\n http://security.debian.org/pool/updates/main/k/kdelibs/libarts-dev_2.2.2-13.woody.12_alpha.deb\n Size/MD5 checksum: 198358 3ed91696368d4bec551b90e4eb14e306\n http://security.debian.org/pool/updates/main/k/kdelibs/libkmid_2.2.2-13.woody.12_alpha.deb\n Size/MD5 checksum: 174840 7bbf74d09ecab2838000eff44fefb412\n http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-alsa_2.2.2-13.woody.12_alpha.deb\n Size/MD5 checksum: 178310 fd4f1272e955bbe747f1d636e05b6d46\n http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-dev_2.2.2-13.woody.12_alpha.deb\n Size/MD5 checksum: 37360 bd60c3654e906c76f0ba56b2ac0e2ba6\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs-dev_2.2.2-13.woody.12_arm.deb\n Size/MD5 checksum: 743890 f4570ed6dc7f06bf5842634f7d87bf98\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3_2.2.2-13.woody.12_arm.deb\n Size/MD5 checksum: 6589724 ace8117a74cacb732c5fb937d730bd02\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-bin_2.2.2-13.woody.12_arm.deb\n Size/MD5 checksum: 104704 44ddcd45621c3d9ab55815e9281be254\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-cups_2.2.2-13.woody.12_arm.deb\n Size/MD5 checksum: 186724 33dff29b8d4d32143dae08f2bf2a0707\n http://security.debian.org/pool/updates/main/k/kdelibs/libarts_2.2.2-13.woody.12_arm.deb\n Size/MD5 checksum: 651892 94ec38d2950f27192227fd2c5e8f2539\n http://security.debian.org/pool/updates/main/k/kdelibs/libarts-alsa_2.2.2-13.woody.12_arm.deb\n Size/MD5 checksum: 655498 09b34582c403425044a328315d985556\n http://security.debian.org/pool/updates/main/k/kdelibs/libarts-dev_2.2.2-13.woody.12_arm.deb\n Size/MD5 checksum: 155764 989e1904a2653ff5b63a47cca2d96afe\n http://security.debian.org/pool/updates/main/k/kdelibs/libkmid_2.2.2-13.woody.12_arm.deb\n Size/MD5 checksum: 124956 13a186a5514ea0b77067f9f07e5e8669\n http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-alsa_2.2.2-13.woody.12_arm.deb\n Size/MD5 checksum: 128068 18d5d45087c564e74ac7e0339446733c\n http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-dev_2.2.2-13.woody.12_arm.deb\n Size/MD5 checksum: 37362 eebd1e696269ba46c619c427161b105b\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs-dev_2.2.2-13.woody.12_i386.deb\n Size/MD5 checksum: 743168 f68af0a8ac8c481085e898de6a847e7f\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3_2.2.2-13.woody.12_i386.deb\n Size/MD5 checksum: 6619492 c7575be8e141f5beed80ba700a532076\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-bin_2.2.2-13.woody.12_i386.deb\n Size/MD5 checksum: 106252 5b31130082d854841ddd97450cc005de\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-cups_2.2.2-13.woody.12_i386.deb\n Size/MD5 checksum: 183214 f82c6a704c45c6f0edfdee0a7baf80be\n http://security.debian.org/pool/updates/main/k/kdelibs/libarts_2.2.2-13.woody.12_i386.deb\n Size/MD5 checksum: 625368 53972f342aa4b648a5efcc97a9c069a8\n http://security.debian.org/pool/updates/main/k/kdelibs/libarts-alsa_2.2.2-13.woody.12_i386.deb\n Size/MD5 checksum: 629646 fb0f9b4c8b9a77394380beccf50ff794\n http://security.debian.org/pool/updates/main/k/kdelibs/libarts-dev_2.2.2-13.woody.12_i386.deb\n Size/MD5 checksum: 155104 4789419151794965ad6dcee62e2cb9f5\n http://security.debian.org/pool/updates/main/k/kdelibs/libkmid_2.2.2-13.woody.12_i386.deb\n Size/MD5 checksum: 123624 c3c16139946d4aba4c6f52d96abb1387\n http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-alsa_2.2.2-13.woody.12_i386.deb\n Size/MD5 checksum: 126702 d7169b378a82e23bb7227ad129164c5c\n http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-dev_2.2.2-13.woody.12_i386.deb\n Size/MD5 checksum: 37354 77ca1f5c92af7900758758d83510e60a\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs-dev_2.2.2-13.woody.12_ia64.deb\n Size/MD5 checksum: 768012 580f23b7cdf35305beb92e999ba5d0a3\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3_2.2.2-13.woody.12_ia64.deb\n Size/MD5 checksum: 8859798 01747dfaba30bdf9b9fb4671f09c7549\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-bin_2.2.2-13.woody.12_ia64.deb\n Size/MD5 checksum: 153880 80462e3a89a72e0d4e6cce0b5c8b5aa3\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-cups_2.2.2-13.woody.12_ia64.deb\n Size/MD5 checksum: 257394 94e0cbc745ff2fd7539fa978e18b70f0\n http://security.debian.org/pool/updates/main/k/kdelibs/libarts_2.2.2-13.woody.12_ia64.deb\n Size/MD5 checksum: 1045640 85cf65252794eebda8b315b9d16d38b7\n http://security.debian.org/pool/updates/main/k/kdelibs/libarts-alsa_2.2.2-13.woody.12_ia64.deb\n Size/MD5 checksum: 1051082 705a684a23f545469502398227b3005e\n http://security.debian.org/pool/updates/main/k/kdelibs/libarts-dev_2.2.2-13.woody.12_ia64.deb\n Size/MD5 checksum: 199630 862e4406fc9e5e9bf6fd12102fada77b\n http://security.debian.org/pool/updates/main/k/kdelibs/libkmid_2.2.2-13.woody.12_ia64.deb\n Size/MD5 checksum: 185646 003014ea7220e7e072f5590b85ea3a44\n http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-alsa_2.2.2-13.woody.12_ia64.deb\n Size/MD5 checksum: 191168 47d95215dabbc7815e5d8c9d058bf50c\n http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-dev_2.2.2-13.woody.12_ia64.deb\n Size/MD5 checksum: 37346 36939c48d36ad10fa6f714c5790f2572\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs-dev_2.2.2-13.woody.12_hppa.deb\n Size/MD5 checksum: 749976 d36688bf0bb71345e81f53c35cdbf633\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3_2.2.2-13.woody.12_hppa.deb\n Size/MD5 checksum: 7345134 3ce498555005ec03158b0204304964b5\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-bin_2.2.2-13.woody.12_hppa.deb\n Size/MD5 checksum: 117614 d87e46df4c0e03cd0c2df1da8daf12d5\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-cups_2.2.2-13.woody.12_hppa.deb\n Size/MD5 checksum: 218080 361692ff0f3e2a10efc88614d68e670d\n http://security.debian.org/pool/updates/main/k/kdelibs/libarts_2.2.2-13.woody.12_hppa.deb\n Size/MD5 checksum: 1111794 3c0a43ef05d73130d0a83eda8f9976ae\n http://security.debian.org/pool/updates/main/k/kdelibs/libarts-alsa_2.2.2-13.woody.12_hppa.deb\n Size/MD5 checksum: 1115472 b0f435aa78ff25a70bf045ad3d59602d\n http://security.debian.org/pool/updates/main/k/kdelibs/libarts-dev_2.2.2-13.woody.12_hppa.deb\n Size/MD5 checksum: 207794 753e967a306857eade12ef5833de4d3e\n http://security.debian.org/pool/updates/main/k/kdelibs/libkmid_2.2.2-13.woody.12_hppa.deb\n Size/MD5 checksum: 172134 d4df135b8d2d0e385a23c830e2eaf291\n http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-alsa_2.2.2-13.woody.12_hppa.deb\n Size/MD5 checksum: 176282 2ae6a01bdd9b0978a3fcd24661589e2a\n http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-dev_2.2.2-13.woody.12_hppa.deb\n Size/MD5 checksum: 37360 4b78561ba125de1623aad0985d421059\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs-dev_2.2.2-13.woody.12_m68k.deb\n Size/MD5 checksum: 740284 5acaae1f0542e7a917a22078ad3f5517\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3_2.2.2-13.woody.12_m68k.deb\n Size/MD5 checksum: 6484874 87ff700648c3eebb8ef382d4994074c8\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-bin_2.2.2-13.woody.12_m68k.deb\n Size/MD5 checksum: 103784 c2484427b9d2a03fbb3dd11b790e205f\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-cups_2.2.2-13.woody.12_m68k.deb\n Size/MD5 checksum: 178680 b7dc5dad932d6227cc4ca7ea45acef44\n http://security.debian.org/pool/updates/main/k/kdelibs/libarts_2.2.2-13.woody.12_m68k.deb\n Size/MD5 checksum: 628842 584553689667389420893c8df9717418\n http://security.debian.org/pool/updates/main/k/kdelibs/libarts-alsa_2.2.2-13.woody.12_m68k.deb\n Size/MD5 checksum: 633340 5cdf5156814e757f3de3378f2329ece3\n http://security.debian.org/pool/updates/main/k/kdelibs/libarts-dev_2.2.2-13.woody.12_m68k.deb\n Size/MD5 checksum: 151260 e6b2f1d87c03359683ced5d4a652f1c6\n http://security.debian.org/pool/updates/main/k/kdelibs/libkmid_2.2.2-13.woody.12_m68k.deb\n Size/MD5 checksum: 120908 88fb5d3b55827edaba64b1a0dc496b21\n http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-alsa_2.2.2-13.woody.12_m68k.deb\n Size/MD5 checksum: 123834 a8976c61a5863f0044be15e72db8633b\n http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-dev_2.2.2-13.woody.12_m68k.deb\n Size/MD5 checksum: 37362 22a795c7f5d00b2124b9d1438b6bbbe9\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs-dev_2.2.2-13.woody.12_mips.deb\n Size/MD5 checksum: 740110 365824fb1cc40b36c84f02bfd98370db\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3_2.2.2-13.woody.12_mips.deb\n Size/MD5 checksum: 6298940 7798ef2d9f4af7d36f11368d235af175\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-bin_2.2.2-13.woody.12_mips.deb\n Size/MD5 checksum: 107036 c50dbb82dad5e132785da5f74e273eb0\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-cups_2.2.2-13.woody.12_mips.deb\n Size/MD5 checksum: 161186 767756d8bb5f26dceac74897a50d53a3\n http://security.debian.org/pool/updates/main/k/kdelibs/libarts_2.2.2-13.woody.12_mips.deb\n Size/MD5 checksum: 621108 cc793df9d37277fe876ffebe34c35c8d\n http://security.debian.org/pool/updates/main/k/kdelibs/libarts-alsa_2.2.2-13.woody.12_mips.deb\n Size/MD5 checksum: 625428 9d630556c1a34d152e5ad1f3d721237b\n http://security.debian.org/pool/updates/main/k/kdelibs/libarts-dev_2.2.2-13.woody.12_mips.deb\n Size/MD5 checksum: 176042 09c4fbd451ad2fb09263b2b2c52c110b\n http://security.debian.org/pool/updates/main/k/kdelibs/libkmid_2.2.2-13.woody.12_mips.deb\n Size/MD5 checksum: 124446 2ce8ab66dbc9971765903e799d21b7b8\n http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-alsa_2.2.2-13.woody.12_mips.deb\n Size/MD5 checksum: 127486 72028283ffbb83771ff7d9e083493bd6\n http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-dev_2.2.2-13.woody.12_mips.deb\n Size/MD5 checksum: 37362 e5f39aeae3576bac38c2958f1b77a5f4\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs-dev_2.2.2-13.woody.12_mipsel.deb\n Size/MD5 checksum: 739470 be36fb502c0add3edb8c126c7c6aaeca\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3_2.2.2-13.woody.12_mipsel.deb\n Size/MD5 checksum: 6191060 75c8cbe691811e886e4549900c2cf4ff\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-bin_2.2.2-13.woody.12_mipsel.deb\n Size/MD5 checksum: 106036 59cca462876ca3ac32b0d6b6ce720b28\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-cups_2.2.2-13.woody.12_mipsel.deb\n Size/MD5 checksum: 159414 b598649367df5e1cd32cff3219077bee\n http://security.debian.org/pool/updates/main/k/kdelibs/libarts_2.2.2-13.woody.12_mipsel.deb\n Size/MD5 checksum: 613886 64ba4160509525088d1998fde60edaea\n http://security.debian.org/pool/updates/main/k/kdelibs/libarts-alsa_2.2.2-13.woody.12_mipsel.deb\n Size/MD5 checksum: 617456 1e8d8926b9193a024099389626106c63\n http://security.debian.org/pool/updates/main/k/kdelibs/libarts-dev_2.2.2-13.woody.12_mipsel.deb\n Size/MD5 checksum: 175236 7dab30528a2ce3d3c8f7d6a88eeb89d2\n http://security.debian.org/pool/updates/main/k/kdelibs/libkmid_2.2.2-13.woody.12_mipsel.deb\n Size/MD5 checksum: 123468 474bcaf555edc60ccb8b0883441d25bd\n http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-alsa_2.2.2-13.woody.12_mipsel.deb\n Size/MD5 checksum: 126458 6bc7e7c66f5ecb44d1e99ed2ef19347c\n http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-dev_2.2.2-13.woody.12_mipsel.deb\n Size/MD5 checksum: 37370 be9b7a0e141449aea2c7fd3ead3cf2de\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs-dev_2.2.2-13.woody.12_powerpc.deb\n Size/MD5 checksum: 741128 a739292946050c0b9bb86473b90667a7\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3_2.2.2-13.woody.12_powerpc.deb\n Size/MD5 checksum: 6742956 35f2676a4e6b829486175b686d7ea067\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-bin_2.2.2-13.woody.12_powerpc.deb\n Size/MD5 checksum: 106154 28dffafa60ff506e33d35b95fd902e28\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-cups_2.2.2-13.woody.12_powerpc.deb\n Size/MD5 checksum: 182800 d2b8215a33f516e4633ddb2cff4f8ad5\n http://security.debian.org/pool/updates/main/k/kdelibs/libarts_2.2.2-13.woody.12_powerpc.deb\n Size/MD5 checksum: 691252 f6aeb7beed07c022d5c08c55c7caa245\n http://security.debian.org/pool/updates/main/k/kdelibs/libarts-alsa_2.2.2-13.woody.12_powerpc.deb\n Size/MD5 checksum: 694858 f24574669857e90a5460bbc90e19845d\n http://security.debian.org/pool/updates/main/k/kdelibs/libarts-dev_2.2.2-13.woody.12_powerpc.deb\n Size/MD5 checksum: 154020 6cf08316c42a767ac227791d1ba6f71f\n http://security.debian.org/pool/updates/main/k/kdelibs/libkmid_2.2.2-13.woody.12_powerpc.deb\n Size/MD5 checksum: 127754 61050762ba53549839f513e9fffe607e\n http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-alsa_2.2.2-13.woody.12_powerpc.deb\n Size/MD5 checksum: 130672 766961b45ec3ba35dd204653267ac017\n http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-dev_2.2.2-13.woody.12_powerpc.deb\n Size/MD5 checksum: 37356 07bcb224fb8946796200faccced5a7dd\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs-dev_2.2.2-13.woody.12_s390.deb\n Size/MD5 checksum: 742592 c33b6be42f3b4c55c20b876f0f439bd7\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3_2.2.2-13.woody.12_s390.deb\n Size/MD5 checksum: 6743254 efc3c4cf7a0f265e016c621b0f16bbf6\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-bin_2.2.2-13.woody.12_s390.deb\n Size/MD5 checksum: 110692 f9ce2901504915d3cf833432d9b152f6\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-cups_2.2.2-13.woody.12_s390.deb\n Size/MD5 checksum: 177166 803d86215970756a1e13f914aefcb247\n http://security.debian.org/pool/updates/main/k/kdelibs/libarts_2.2.2-13.woody.12_s390.deb\n Size/MD5 checksum: 642490 769869ba63aec951e6cf589a2055e937\n http://security.debian.org/pool/updates/main/k/kdelibs/libarts-alsa_2.2.2-13.woody.12_s390.deb\n Size/MD5 checksum: 647564 28070605d0c633ea4ce3be2b9b3a40cb\n http://security.debian.org/pool/updates/main/k/kdelibs/libarts-dev_2.2.2-13.woody.12_s390.deb\n Size/MD5 checksum: 151606 d9e1db83c62f0c7199f940f0ea662525\n http://security.debian.org/pool/updates/main/k/kdelibs/libkmid_2.2.2-13.woody.12_s390.deb\n Size/MD5 checksum: 130114 04e6ac510c568cb872282213fe61fcbc\n http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-alsa_2.2.2-13.woody.12_s390.deb\n Size/MD5 checksum: 133544 856e185ca4d107247b2eb428ded8ae33\n http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-dev_2.2.2-13.woody.12_s390.deb\n Size/MD5 checksum: 37354 95c2d65d90777fa3ac784f3995757264\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs-dev_2.2.2-13.woody.12_sparc.deb\n Size/MD5 checksum: 741956 47aa5619e6e67958a030a50a18824613\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3_2.2.2-13.woody.12_sparc.deb\n Size/MD5 checksum: 6579770 e28496f22195640d3dfc1b450e9aeb9e\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-bin_2.2.2-13.woody.12_sparc.deb\n Size/MD5 checksum: 117958 f52340e7d4bf7cdd20837b25292af0bb\n http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-cups_2.2.2-13.woody.12_sparc.deb\n Size/MD5 checksum: 184378 fc12f85e153e1d1e3653257920b851c4\n http://security.debian.org/pool/updates/main/k/kdelibs/libarts_2.2.2-13.woody.12_sparc.deb\n Size/MD5 checksum: 665204 cd0e1c7939525cf758c8f3b99b40f1d7\n http://security.debian.org/pool/updates/main/k/kdelibs/libarts-alsa_2.2.2-13.woody.12_sparc.deb\n Size/MD5 checksum: 669090 e25b4d047cb320fe9adc49b4b4e1efdb\n http://security.debian.org/pool/updates/main/k/kdelibs/libarts-dev_2.2.2-13.woody.12_sparc.deb\n Size/MD5 checksum: 152008 5607dddc8a78c6aafa8d4c79a808b9c4\n http://security.debian.org/pool/updates/main/k/kdelibs/libkmid_2.2.2-13.woody.12_sparc.deb\n Size/MD5 checksum: 128866 13792b1a4c52e462d0982f1a0ef804ed\n http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-alsa_2.2.2-13.woody.12_sparc.deb\n Size/MD5 checksum: 131594 4e10857249e6f914ea0d42a23d504105\n http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-dev_2.2.2-13.woody.12_sparc.deb\n Size/MD5 checksum: 37364 f949cc34262f6c7cc18c992af6a69e8b\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "edition": 3, "modified": "2004-08-17T00:00:00", "published": "2004-08-17T00:00:00", "id": "DEBIAN:DSA-539-1:C1ECB", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2004/msg00142.html", "title": "[SECURITY] [DSA 539-1] New kdelibs packages fix denial of service", "type": "debian", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "suse": [{"lastseen": "2016-09-04T12:10:59", "bulletinFamily": "unix", "cvelist": ["CVE-2004-0765", "CVE-2004-0762", "CVE-2004-0758", "CVE-2004-0691", "CVE-2004-0718", "CVE-2004-0764", "CVE-2004-0815", "CVE-2004-0757", "CVE-2004-0599", "CVE-2004-0746", "CVE-2004-0597", "CVE-2004-0760", "CVE-2004-0598", "CVE-2004-0722", "CVE-2004-0759", "CVE-2004-0763", "CVE-2004-0761"], "description": "The Samba server, which allows to share files and resources via the SMB/CIFS protocol, contains a bug in the sanitation code of path names which allows remote attackers to access files outside of the defined share. In order to access these files, they must be readable by the account used for the SMB session. CAN-2004-0815 has been assigned to this issue.\n#### Solution\nAs a temporary workaround you can set the wide links = no option in smb.conf and restart the samba server. However an update is recommended nevertheless.", "edition": 1, "modified": "2004-10-05T14:57:32", "published": "2004-10-05T14:57:32", "id": "SUSE-SA:2004:035", "href": "http://lists.opensuse.org/opensuse-security-announce/2004-10/msg00005.html", "type": "suse", "title": "remote file disclosure in samba", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
