Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 105997

Summary: kde-base/{kdebase|kcheckpass}: local privilege escalation (CAN-2005-2494)
Product: Gentoo Security Reporter: Stefan Cornelius (RETIRED) <dercorny>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED DUPLICATE    
Severity: normal CC: chriswhite, kde
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://www.securityfocus.com/bid/14736/
Whiteboard: B1 [ebuild] DerCorny
Package list:
Runtime testing required: ---

Description Stefan Cornelius (RETIRED) gentoo-dev 2005-09-14 12:38:48 UTC 
KDE kcheckpass is prone to a local privilege escalation vulnerability.
Successful exploitation could allow an attacker to gain superuser privileges.

All KDE versions from 3.2.0 to 3.4.2 inclusive are vulnerable to this issue.
Comment 1 Stefan Cornelius (RETIRED) gentoo-dev 2005-09-14 12:40:59 UTC 
kde-herd, please provide fixed ebuilds. Patches can be found here:
http://www.securityfocus.com/bid/14736/solution
Comment 2 Chris White (RETIRED) gentoo-dev 2005-09-14 12:46:17 UTC 
*** Bug 105999 has been marked as a duplicate of this bug. ***
Comment 3 Diego Elio Pettenò (RETIRED) gentoo-dev 2005-09-14 12:47:06 UTC 
Build-checking it right now (over kcheckpass).
Comment 4 Stefan Cornelius (RETIRED) gentoo-dev 2005-09-14 12:52:13 UTC 

*** This bug has been marked as a duplicate of 104099 ***