Lucene search
K

4 matches found

CVE
CVE
added 2024/02/23 6:6 p.m.17 views

CAN-2005-0205

CVE-2005-0205 is a local privilege issue in KDE’s kppp component within the kdenetwork package. The vulnerability stems from a design flaw where kppp leaks privileged file descriptors before exec, allowing a local attacker to read/write privileged descriptors and subsequently modify /etc/hosts or...

7.5AI score0.0036EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/03/09 12:0 a.m.32 views

Debian DSA-692-1 : kdenetwork - design flaw

The KDE team fixed a bug in kppp in 2002 which was now discovered to be exploitable by iDEFENSE. By opening a sufficiently large number of file descriptors before executing kppp which is installed setuid root a local attacker is able to take over privileged file descriptors. %NASLMINLEVEL 70300 C...

4.6CVSS5.3AI score0.0036EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2005/03/04 12:0 a.m.34 views

RHEL 2.1 / 3 : kdenetwork (RHSA-2005:175)

Updated kdenetwork packages that fix a file descriptor leak are now available. This update has been rated as having low security impact by the Red Hat Security Response Team The kdenetwork packages contain a collection of networking applications for the K Desktop Environment. A bug was found in t...

4.6CVSS5.2AI score0.0036EPSS
Exploits0References3
CVE
CVE
added 2005/02/28 5:0 a.m.72 views

CVE-2005-0205

CVE-2005-0205 affects KPPP 2.1.2 and earlier within KDE 3.1.5 and earlier. The issue is a local privilege problem where a setuid-root kppp can fail to close a privileged domain-socket file descriptor when wrappers are not used, enabling a local attacker to read/write /etc/hosts and /etc/resolv.co...

4.6CVSS6.1AI score0.0036EPSS
Exploits0References6Affected Software2
Rows per page
Query Builder