[28298] in bugtraq


Re: KDE Security Advisory: Multiple vulnerabilities in KDE

daemon@ATHENA.MIT.EDU (fozzy@dmpfrance.com)
Mon Dec 23 14:06:43 2002

In-Reply-To: <20021221121337.GA29404@matrix.wg>
From: fozzy@dmpfrance.com
To: bugtraq@securityfocus.com
Date: Sun, 22 Dec 2002 23:07:44 GMT
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Message-Id: <20021222230744.33D0ED95A@mail.fr.clara.net>


>         The KDE Project is not aware of any existing exploits of these 
>         vulnerabilities

I'd like to stress that, due to the nature of these vulnerabilities,
exploitation can be very easy and "basic". Security-enhanced kernels
(preventing buffer overflows and format string attacks) will not help. A
bit like most MS Internet Explorer bugs BTW... ;-)
After I found out some of these problems, the KDE Security Team has done a
good job in finding and fixing all the potentially vulnerable instances of
code. This is a major fix, so consider upgrading soon!

Fozzy

The Hackademy Audit
http://www.thehackademy.net/audit.php (French)

