Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-1920

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-1920
Last Modified 21 Aug 2010 12:29:51
Published 26 Jul 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-1920

Summary

The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x through 3.4.0 do not properly set the same permissions on the backup file as were set on the original file, which could allow local users and possibly remote attackers to obtain sensitive information.

Vulnerable Systems

Operating System

  • Kde 3.2

  • Kde 3.2.1

  • Kde 3.2.2

  • Kde 3.2.3

  • Kde 3.3

  • Kde 3.3.1

  • Kde 3.3.2

  • Kde 3.4

  • Kde 3.4.0


References

CONFIRM - http://www.kde.org/info/security/advisory-20050718-1.txt

BUGTRAQ - 20050718 [KDE Security Advisory]: Kate backup file permission leak

BID - 14297

FEDORA - FLSA:178606

REDHAT - RHSA-2005:612

SUSE - SUSE-SR:2005:018

DEBIAN - DSA-804

SECTRACK - 1014512

GENTOO - GLSA-200611-21

SECUNIA - 23099

SECUNIA - 16099


Last Updated: 27 May 2016 10:40:20