Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-0365

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2005-0365
Last Modified 21 Aug 2010 12:25:55
Published 02 May 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2005-0365

Summary

The dcopidlng script in KDE 3.2.x and 3.3.x creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.

Vulnerable Systems

Operating System

  • Kde 3.2.x

  • Kde 3.3.x


References

CONFIRM - http://www.kde.org/info/security/advisory-20050316-2.txt

GENTOO - GLSA-200503-14

BUGTRAQ - 20050211 insecure temporary file creation in kdelibs 3.3.2

CONFIRM - http://bugs.kde.org/show_bug.cgi?id=97608

REDHAT - RHSA-2005:325

MANDRAKE - MDKSA-2005:058

MANDRAKE - MDKSA-2005:045

SECTRACK - 1013525

SECUNIA - 14254

FEDORA - FEDORA-2005-245


Last Updated: 27 May 2016 10:39:46