EUVD-2000-0527

Malware in sbrugna...

CVE-2000-0530

The CVE-2000-0530 entry describes a vulnerability in KDE 1.1.2 where the KApplication-class creates configuration files without proper ownership checks or existence verification. The result is a local privilege-attack risk: a local user can exploit a symlink/ownership flaw to overwrite arbitrary ...

CVE-2000-0530

The KApplication class in the KDE 1.1.2 configuration file management capability allows local users to overwrite arbitrary files...

KDE::KApplication feature?

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------ TESO Security Advisory 2000/05/29 KDE KApplication configfile vulnerability Summary =================== A bug within the KDE configuration-file management has been discovered. Due to insecure creation of configuration files via...

Очередная дырка в KDE

Класс KApplication некорректно работает с конфиуграционными файлами не проверяются символьные линки, что позволяет атаковать любое приложение, использующее данный класс например ktvision и ktuner...

KDE 1.1.2 KApplication configfile - Local Privilege Escalation (3)

source: https://www.securityfocus.com/bid/1291/info The KDE configuration-file management has a bug which could result in root compromise. Due to insecure creation of configuration rc files via KApplication-class, local users can modify ownership of arbitrary files when running setuid root...