KDE KDM Vulnerability Elevation of Privilage
Sebastian Krahmer from the SUSE Security team has found a vulnerability in KDM which will allow a local user to elevate their privileges to root access. auto repair mail . Comcast Cable Deals . You can see more about vulnerability and install the fix below, although I expect all distributions to already have the fix applied, or to have it applied very shortly. 0. ReferencesCVE-2010-0436 1. Systems affected:KDM as shipped with KDE SC 2.2.0 up to including KDE SC 4.4.2 2. Overview:KDM contains a race condition that allows local attackers tomake arbitrary files on the system world-writeable. This canhappen while KDM tries to create its control socket duringuser login. This vulnerability has been discovered bySebastian Krahmer from the SUSE Security Team. 3. Impact:A local attacker with a valid local account can undercertain circumstances make use of this vulnerability toexecute arbitrary code as root.4. Solution:Source code patches have been made available which fix thesevulnerabilities. Contact your OS vendor / binary package providerfor information about how to obtain updated binary packages.5. Patch:A patch for KDE 4.3.x-4.4.x is available fromftp://ftp.kde.org/pub/kde/security_patches :68c1dfe76e80812e5e049bb599b3374e kdebase-workspace-4.3.5-CVE-2010-0436.diff
(No Ratings Yet)
Loading ...
Loading ...
I really hope to see more work like this from you. Your points are clear and precise. I will definitely be coming back for more.
I am truly astonished at the amount of effort you put into this article. The passion you show through this article is very strong and I agree with your views.