Vulnerability Name: | CVE-2005-0365 (CCN-19310) |
Assigned: | 2005-01-21 |
Published: | 2005-01-21 |
Updated: | 2017-10-11 |
Summary: | The dcopidlng script in KDE 3.2.x and 3.3.x creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack. |
CVSS v3 Severity: | 4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L)Exploitability Metrics: | Attack Vector (AV): Local Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None | Scope: | Scope (S): Unchanged
| Impact Metrics: | Confidentiality (C): None Integrity (I): Low Availibility (A): Low |
|
CVSS v2 Severity: | 2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N)Exploitability Metrics: | Access Vector (AV): Local Access Complexity (AC): Low Authentication (Au): None | Impact Metrics: | Confidentiality (C): None Integrity (I): Partial Availibility (A): None | 2.6 Low (CCN CVSS v2 Vector: AV:L/AC:H/Au:N/C:N/I:P/A:P)Exploitability Metrics: | Access Vector (AV): Local Access Complexity (AC): High Athentication (Au): None
| Impact Metrics: | Confidentiality (C): None Integrity (I): Partial Availibility (A): Partial |
|
Vulnerability Type: | CWE-Other
|
Vulnerability Consequences: | File Manipulation |
References: | Source: CCN Type: BugTraq Mailing List, Fri Feb 11 2005 - 02:16:38 CST insecure temporary file creation in kdelibs 3.3.2
Source: CCN Type: the KDE Desktop Environment Web site Bug 97608 - insecure temporary file creation
Source: CONFIRM Type: Patch, Vendor Advisory http://bugs.kde.org/show_bug.cgi?id=97608
Source: MITRE Type: CNA CVE-2005-0365
Source: FEDORA Type: UNKNOWN FEDORA-2005-245
Source: BUGTRAQ Type: UNKNOWN 20050211 insecure temporary file creation in kdelibs 3.3.2
Source: CCN Type: RHSA-2005-325 kdelibs security update
Source: CCN Type: SA14254 KDE kdelibs dcopidlng Script Insecure Temporary File Creation
Source: SECUNIA Type: UNKNOWN 14254
Source: GENTOO Type: Patch, Vendor Advisory GLSA-200503-14
Source: CCN Type: SECTRACK ID: 1013525 KDE dcopidlng Unsafe Temporary Files May Let Local Users Gain Elevated Privileges
Source: SECTRACK Type: UNKNOWN 1013525
Source: CCN Type: KDE CVS Web site KDE CVS Repository - directory - KDE: kdepim/dcopidlng
Source: CCN Type: CIAC INFORMATION BULLETIN P-159 kdelibs Security Update
Source: CCN Type: GLSA-200503-14 KDE dcopidlng: Insecure temporary file creation
Source: CONFIRM Type: Patch http://www.kde.org/info/security/advisory-20050316-2.txt
Source: MANDRAKE Type: UNKNOWN MDKSA-2005:045
Source: MANDRAKE Type: UNKNOWN MDKSA-2005:058
Source: REDHAT Type: UNKNOWN RHSA-2005:325
Source: CCN Type: BID-12525 KDE Library DCOPIDLING Insecure Temporary File Creation Vulnerability
Source: XF Type: UNKNOWN kde-dcopidlng-symlink(19310)
Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:10676
|
Vulnerable Configuration: | Configuration 1: cpe:/o:kde:kde:3.2.x:*:*:*:*:*:*:*OR cpe:/o:kde:kde:3.3.x:*:*:*:*:*:*:* Configuration RedHat 1: cpe:/o:redhat:enterprise_linux:*:*:*:*:*:*:*:* Configuration CCN 1: cpe:/o:kde:kde:3.3.2:*:*:*:*:*:*:*AND cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*OR cpe:/o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*OR cpe:/o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*OR cpe:/o:mandrakesoft:mandrake_linux:10.1::x86-64:*:*:*:*:*OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:*OR cpe:/o:mandrakesoft:mandrake_linux:10.0::amd64:*:*:*:*:*
Denotes that component is vulnerable |
Oval Definitions |
Definition ID | Class | Title | Last Modified |
---|
oval:org.mitre.oval:def:10676 | V | The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with crafted UTF-8 sequences that trigger a buffer over-read, a different vulnerability than CVE-2009-2625. | 2013-04-29 | oval:com.redhat.rhsa:def:20050325 | P | RHSA-2005:325: kdelibs security update (Important) | 2005-03-23 |
|
BACK |
kde kde 3.2.x
kde kde 3.3.x
kde kde 3.3.2
gentoo linux *
mandrakesoft mandrake linux 10.0
mandrakesoft mandrake linux 10.1
mandrakesoft mandrake linux corporate server 3.0
redhat enterprise linux 4
redhat enterprise linux 4
redhat enterprise linux 4
redhat enterprise linux 4
mandrakesoft mandrake linux 10.1
mandrakesoft mandrake linux corporate server 3.0
mandrakesoft mandrake linux 10.0