| Summary: | kde-base/ksysguard-4.4.1 (?): RCE via Cross Application Scripting | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Stefan Behte (RETIRED) <craig> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED INVALID | ||
| Severity: | normal | CC: | kde |
| Priority: | High | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | http://www.backtrack.it/~emgent/exploits/20100320_Ksysguard_RCE_CAS.txt | ||
| Whiteboard: | A2? [invalid] | ||
| Package list: | Runtime testing required: | --- | |
| Bug Depends on: | |||
| Bug Blocks: | 313999 | ||
|
Description
Stefan Behte (RETIRED)
2010-03-24 21:33:21 UTC
So is this still applicable for 4.4.2 or 4.4.3 ? ksysguard lets users monitor remote machines using various transports including a custom command. That's a feature, not a bug. Users should of course only open .sgrd files from trusted sources. |
