SUSE CVE-2005-0365

The dcopidlng script in KDE 3.2.x and 3.3.x creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack...

Gentoo Security Advisory GLSA 200503-14 (dcopidlng)

The remote host is missing updates announced in advisory GLSA 200503-14. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Fedora Core 3 : kdelibs-3.3.1-2.9.FC3 (2005-245)

Wed Mar 23 2005 Than Ngo 6:3.3.1-2.9.FC3 - Applied patch to fix konqueror international domain name spoofing, CVE-2005-0237, 147405 - get rid of broken AltiVec instructions on ppc - Wed Mar 2 2005 Than Ngo 6:3.3.1-2.8.FC3 - Applied patch to fix DCOP DoS, CVE-2005-0396, 150092 thanks KDE security...

FreeBSD : kdelibs -- insecure temporary file creation (29dd0065-81fa-11d9-a9e7-0001020eed82)

Davide Madrisan reports : The dcopidlng' script in the KDE library package kdelibs-3.3.2/dcop/dcopidlng/dcopidlng creates temporary files in a unsecure manner. Note: dcopidlng is only used at build time, so only users installing KDE are vulnerable, not users already running KDE. %NASLMINLEVEL 703...

security flaw

The dcopidlng script in KDE 3.2.x and 3.3.x creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack...

Mandrake Linux Security Advisory : kdelibs (MDKSA-2005:058)

A vulnerability in dcopserver was discovered by Sebastian Krahmer of the SUSE security team. A local user can lock up the dcopserver of other users on the same machine by stalling the DCOP authentication process, causing a local Denial of Service. dcopserver is the KDE Desktop Communication...

GLSA-200503-14 : KDE dcopidlng: Insecure temporary file creation

The remote host is affected by the vulnerability described in GLSA-200503-14 KDE dcopidlng: Insecure temporary file creation Davide Madrisan has discovered that the dcopidlng script creates temporary files in a world-writable directory with predictable names. Impact : A local attacker could creat...

KDE dcopidlng: Insecure temporary file creation

Background KDE is a feature-rich graphical desktop environment for Linux and Unix-like Operating Systems. DCOP is KDE's simple IPC/RPC mechanism. dcopidlng is a DCOP helper script. Description Davide Madrisan has discovered that the dcopidlng script creates temporary files in a world-writable...

CVE-2005-0365

The CVE-2005-0365 issue affects KDE’s dcopidlng component in KDE 3.2.x and 3.3.x, where temporary files are created with predictable filenames, enabling local users to overwrite arbitrary files via a symlink attack. Connected documents confirm insecure temporary-file usage in dcopidlng and refere...