105997 – kde-base/{kdebase|kcheckpass}: local privilege escalation (CAN-2005-2494)

Bug 105997 - kde-base/{kdebase|kcheckpass}: local privilege escalation (CAN-2005-2494)

Summary: kde-base/{kdebase|kcheckpass}: local privilege escalation (CAN-2005-2494)

Status:	RESOLVED DUPLICATE of bug 104099

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	High normal
Assignee:	Gentoo Security

URL:	http://www.securityfocus.com/bid/14736/
Whiteboard:	B1 [ebuild] DerCorny
Keywords:

Duplicates (1):	105999 (view as bug list)
Depends on:
Blocks:

Reported:	2005-09-14 12:38 UTC by Stefan Cornelius (RETIRED)
Modified:	2005-09-14 12:52 UTC (History)
CC List:	2 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Stefan Cornelius (RETIRED) gentoo-dev

2005-09-14 12:38:48 UTC

KDE kcheckpass is prone to a local privilege escalation vulnerability.
Successful exploitation could allow an attacker to gain superuser privileges.

All KDE versions from 3.2.0 to 3.4.2 inclusive are vulnerable to this issue.

Comment 1 Stefan Cornelius (RETIRED) gentoo-dev

2005-09-14 12:40:59 UTC

kde-herd, please provide fixed ebuilds. Patches can be found here:
http://www.securityfocus.com/bid/14736/solution

Comment 2 Chris White (RETIRED) gentoo-dev

2005-09-14 12:46:17 UTC

*** Bug 105999 has been marked as a duplicate of this bug. ***

Comment 3 Diego Elio Pettenò (RETIRED) gentoo-dev

2005-09-14 12:47:06 UTC

Build-checking it right now (over kcheckpass).

Comment 4 Stefan Cornelius (RETIRED) gentoo-dev

2005-09-14 12:52:13 UTC


*** This bug has been marked as a duplicate of 104099 ***