Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1306

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-1306
Last Modified 10 Sep 2008 03:14:16
Published 29 Nov 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-1306

Summary

Multiple buffer overflows in LISa on KDE 2.x for 2.1 and later, and KDE 3.x before 3.0.4, allow (1) local and possibly remote attackers to execute arbitrary code via the "lisa" daemon, and (2) remote attackers to execute arbitrary code via a certain "lan://" URL.

Vulnerable Systems

Operating System

  • Kde 2.1

  • Kde 2.1.1

  • Kde 2.1.2

  • Kde 2.2

  • Kde 2.2.1

  • Kde 2.2.2

  • Kde 3.0

  • Kde 3.0.1

  • Kde 3.0.2

  • Kde 3.0.3


References

CONFIRM - http://www.kde.org/info/security/advisory-20021111-2.txt

BUGTRAQ - 20021112 KDE Security Advisory: resLISa / LISa Vulnerabilities

REDHAT - RHSA-2002:220

SUSE - SuSE-SA:2002:042

MANDRAKE - MDKSA-2002:080

XF - kde-kdenetwork-lan-bo(10598)

XF - kde-kdenetwork-lisa-bo(10597)

DEBIAN - DSA-214

CIAC - N-020

BUGTRAQ - 20021114 GLSA: kdelibs


Last Updated: 27 May 2016 10:37:16