Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0644

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2003-0644
Last Modified 05 Sep 2008 04:34:52
Published 07 Sep 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2003-0644

Summary

Kdbg 1.1.0 through 1.2.8 does not check permissions of the .kdbgrc file, which allows local users to execute arbitrary commands.

Vulnerable Systems

Application

  • Johannes Sixt Kdbg 1.1.0

  • Johannes Sixt Kdbg 1.1.1

  • Johannes Sixt Kdbg 1.1.2

  • Johannes Sixt Kdbg 1.1.3

  • Johannes Sixt Kdbg 1.1.4

  • Johannes Sixt Kdbg 1.1.5

  • Johannes Sixt Kdbg 1.1.6

  • Johannes Sixt Kdbg 1.1.7

  • Johannes Sixt Kdbg 1.2.0

  • Johannes Sixt Kdbg 1.2.1

  • Johannes Sixt Kdbg 1.2.2

  • Johannes Sixt Kdbg 1.2.3

  • Johannes Sixt Kdbg 1.2.4

  • Johannes Sixt Kdbg 1.2.5

  • Johannes Sixt Kdbg 1.2.6

  • Johannes Sixt Kdbg 1.2.7

  • Johannes Sixt Kdbg 1.2.8


References

CONFIRM - http://lists.kde.org/?l=kde-announce&m=106296509815092&w=2

MLIST - [debian-devel-changes] 20030909 Accepted kdbg 1.2.9-1 (i386 source)

REDHAT - RHSA-2005:416


Last Updated: 27 May 2016 10:38:00