[28309] in bugtraq
Re: KDE Security Advisory: Multiple vulnerabilities in KDE
daemon@ATHENA.MIT.EDU (Florian Weimer)
Mon Dec 23 16:34:49 2002
To: fozzy@dmpfrance.com
From: Florian Weimer <Weimer@CERT.Uni-Stuttgart.DE>
Date: Mon, 23 Dec 2002 19:40:37 +0100
In-Reply-To: <20021222230744.33D0ED95A@mail.fr.clara.net> (fozzy@dmpfrance.com's
message of "Sun, 22 Dec 2002 23:07:44 GMT")
Message-ID: <87n0mwefyy.fsf@Login.CERT.Uni-Stuttgart.DE>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
fozzy@dmpfrance.com writes:
> A bit like most MS Internet Explorer bugs BTW... ;-)
It's exactly the same.
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS01-015.asp
> After I found out some of these problems, the KDE Security Team has done a
> good job in finding and fixing all the potentially vulnerable instances of
> code. This is a major fix, so consider upgrading soon !
However, another set of problems related to the command line
processing remains: At laest in
kdelibs/kdeprint/management/smbview.cpp, a user-supplied password is
passed on the command line to a subprocess. The command line is a
resource readable by all local users, and so is the environment (which
the KDE developers used after they were told about the problem).
Of course, this problem isn't relevant in most situations (it's only a
problem in rough multi-user environments). The other command line
processing bugs are much more severe.
--
Florian Weimer Weimer@CERT.Uni-Stuttgart.DE
University of Stuttgart http://CERT.Uni-Stuttgart.DE/people/fw/
RUS-CERT fax +49-711-685-5898
