LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: July 28th, 2014
Linux Advisory Watch: July 25th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Ubuntu: KDE vulnerability Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Ubuntu It was discovered that start_kdeinit in KDE 3 did not properly sanitize its input. A local attacker could exploit this to send signals to other processes and cause a denial of service or possibly execute arbitrary code. (CVE-2008-1671)
=========================================================== 
Ubuntu Security Notice USN-608-1               May 06, 2008
kdelibs vulnerability
CVE-2008-1671
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 7.04
Ubuntu 7.10
Ubuntu 8.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 7.04:
  kdelibs4c2a                     4:3.5.6-0ubuntu14.3

Ubuntu 7.10:
  kdelibs4c2a                     4:3.5.8-0ubuntu3.4

Ubuntu 8.04 LTS:
  kdelibs4c2a                     4:3.5.9-0ubuntu7.1

After a standard system upgrade you need to restart your session to effect
the necessary changes.

Details follow:

It was discovered that start_kdeinit in KDE 3 did not properly sanitize
its input. A local attacker could exploit this to send signals to other
processes and cause a denial of service or possibly execute arbitrary
code. (CVE-2008-1671)


Updated packages for Ubuntu 7.04:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.6-0ubuntu14.3.diff.gz
      Size/MD5:   596652 da418b8ebaea51f42461f776e0c5cecb
    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.6-0ubuntu14.3.dsc
      Size/MD5:     1747 90107fcd45e14254c866ca01c1ccf2b9
    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.6.orig.tar.gz
      Size/MD5: 18823660 4be0bd486cc5ea3986118217c3b75d25

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-data_3.5.6-0ubuntu14.3_all.deb
      Size/MD5:  7218696 d5188fa869e0ec05440976976ddf8382
    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-doc_3.5.6-0ubuntu14.3_all.deb
      Size/MD5: 33827090 66cf487c04f08459e4559b1ad97db922
    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.6-0ubuntu14.3_all.deb
      Size/MD5:    41262 58a69eac46fb2389d8cd90fc7fa402d1

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.6-0ubuntu14.3_amd64.deb
      Size/MD5: 27211714 40842a00f20980ac0f9e9f8c9a49a092
    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.6-0ubuntu14.3_amd64.deb
      Size/MD5:  1350066 5ad6640f0a932e1fd4aa98df7a2a58ea
    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.6-0ubuntu14.3_amd64.deb
      Size/MD5: 10828872 1cb1b281f9ba98283f5f93edb797a765

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.6-0ubuntu14.3_i386.deb
      Size/MD5: 26370110 87c6e79f57d8d8a7b432d6011ae80be7
    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.6-0ubuntu14.3_i386.deb
      Size/MD5:  1347678 0587b24a11d7359aa187d37b4b8e16e4
    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.6-0ubuntu14.3_i386.deb
      Size/MD5:  9972814 54f2982fc3a1b4ecc33f0142d0d02b53

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.6-0ubuntu14.3_powerpc.deb
      Size/MD5: 28173368 6e52368c014995a4be1cf33a523dd160
    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.6-0ubuntu14.3_powerpc.deb
      Size/MD5:  1354748 c982967dde2fba411c81da8e1e062398
    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.6-0ubuntu14.3_powerpc.deb
      Size/MD5: 10774716 51cd73160ef71b65ae0f3dd975abee44

  sparc architecture (Sun SPARC/UltraSPARC):

    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.6-0ubuntu14.3_sparc.deb
      Size/MD5: 25522584 5795173c783689033dbc6a41727144b5
    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.6-0ubuntu14.3_sparc.deb
      Size/MD5:  1348548 9600053681008605d22af3a1d930ede3
    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.6-0ubuntu14.3_sparc.deb
      Size/MD5:  9931936 321b1bfad1c7fa5c33f0b6db691fdb26

Updated packages for Ubuntu 7.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.8-0ubuntu3.4.diff.gz
      Size/MD5:   562869 167178a97e02d8284ab306dcc6c1db17
    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.8-0ubuntu3.4.dsc
      Size/MD5:     1797 333e99dcdf32fa56e49d4532e4095694
    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.8.orig.tar.gz
      Size/MD5: 18552571 246f21901251fca7f1290c2e8697b64d

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-data_3.5.8-0ubuntu3.4_all.deb
      Size/MD5:  7295362 22d25cfab5c194e2002b1e12c17f3271
    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-doc_3.5.8-0ubuntu3.4_all.deb
      Size/MD5: 36363404 937ee42c1f472184deefe8591da3ebc4
    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.8-0ubuntu3.4_all.deb
      Size/MD5:    44300 23cfbaeb24d0703f74efc214c55ca018

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.8-0ubuntu3.4_amd64.deb
      Size/MD5: 27037238 890e850434a5c83a8ffd5d8f1321e7b8
    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.8-0ubuntu3.4_amd64.deb
      Size/MD5:  1355352 27c69e27af8839177f322f362921be01
    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.8-0ubuntu3.4_amd64.deb
      Size/MD5: 10895934 fa2a495af30f4077793cb6b1d983f1f3

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.8-0ubuntu3.4_i386.deb
      Size/MD5: 26294976 dca366a3de0d93df15bea161bc7f121a
    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.8-0ubuntu3.4_i386.deb
      Size/MD5:  1352930 c6946be5c01838ab2606c493a16c92eb
    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.8-0ubuntu3.4_i386.deb
      Size/MD5: 10004352 879659b72e7c3cfdfb36fb8063ea11b3

  lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs-dbg_3.5.8-0ubuntu3.4_lpia.deb
      Size/MD5: 40346126 6498e55b6560d425e9e7b2e9065e7fd6
    http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs4-dev_3.5.8-0ubuntu3.4_lpia.deb
      Size/MD5:  1353772 6057fc6e610970d160eceed72e8cb970
    http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs4c2a_3.5.8-0ubuntu3.4_lpia.deb
      Size/MD5:  9905502 ac9c42d11345430248999837020e9dc4

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.8-0ubuntu3.4_powerpc.deb
      Size/MD5: 28042230 7f46ada529d1913d4c545df6fa6d7d54
    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.8-0ubuntu3.4_powerpc.deb
      Size/MD5:  1359658 cb8ade67cf281e44d1842a4d52ab0575
    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.8-0ubuntu3.4_powerpc.deb
      Size/MD5: 10816596 df76e127f64c04b93a19c03168bd93d9

  sparc architecture (Sun SPARC/UltraSPARC):

    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.8-0ubuntu3.4_sparc.deb
      Size/MD5: 25383262 2a9f223f12ddda70f2cf210b775854a0
    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.8-0ubuntu3.4_sparc.deb
      Size/MD5:  1353852 8924dcf22920ef3b46adbc65b6436f77
    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.8-0ubuntu3.4_sparc.deb
      Size/MD5:  9973226 2ebcdefa51de504c924a8d86515e600f

Updated packages for Ubuntu 8.04 LTS:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.9-0ubuntu7.1.diff.gz
      Size/MD5:   695602 7d45c0a647c19779f032b97758fa64c4
    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.9-0ubuntu7.1.dsc
      Size/MD5:     1703 f181223540bca62ef4192cb80ab8dd46
    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.9.orig.tar.gz
      Size/MD5: 18570047 ffac2da24f43637276a284c8da684ccc

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-data_3.5.9-0ubuntu7.1_all.deb
      Size/MD5:  7307834 fdfb3247eb3cad27f49eb20708033729
    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-doc_3.5.9-0ubuntu7.1_all.deb
      Size/MD5: 25540382 8f906f8192fa3a80b777b855ddd910e5
    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.9-0ubuntu7.1_all.deb
      Size/MD5:     9312 b0018dc14f4e31858895280bfc223909

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.9-0ubuntu7.1_amd64.deb
      Size/MD5: 26750120 ea385c6af643cdca0ad1d7573054423f
    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.9-0ubuntu7.1_amd64.deb
      Size/MD5:  1381478 9d5caa2e345c82e1f7e6885eb32774d3
    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.9-0ubuntu7.1_amd64.deb
      Size/MD5: 10652212 bb1f2ece3e729cf6562ffc7496056b5f

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.9-0ubuntu7.1_i386.deb
      Size/MD5: 25982116 f284da4dc57ab5daf02233c691ba7d99
    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.9-0ubuntu7.1_i386.deb
      Size/MD5:  1409928 361548471006854a4c8f183838278733
    http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.9-0ubuntu7.1_i386.deb
      Size/MD5:  9616092 03f7a235870a008c0d89d23b4b358bdb

  lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs-dbg_3.5.9-0ubuntu7.1_lpia.deb
      Size/MD5: 25957868 77394437a4c8afa62da7e64c4b45600f
    http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs4-dev_3.5.9-0ubuntu7.1_lpia.deb
      Size/MD5:  1375846 a3badfd278dc41e1be1fbf9d471da7a0
    http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs4c2a_3.5.9-0ubuntu7.1_lpia.deb
      Size/MD5:  9638718 2619cab676a8d46456df859438eeb224

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs-dbg_3.5.9-0ubuntu7.1_powerpc.deb
      Size/MD5: 27652968 41cc7dd3c95ce9a6a1710f224297cbc8
    http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs4-dev_3.5.9-0ubuntu7.1_powerpc.deb
      Size/MD5:  1393426 0a7671afcb122ef75322c23b49cd851e
    http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs4c2a_3.5.9-0ubuntu7.1_powerpc.deb
      Size/MD5: 10452110 a32f2bc6e51ab35bb6b3ff1eae5ba152

  sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs-dbg_3.5.9-0ubuntu7.1_sparc.deb
      Size/MD5: 25015618 66237ba3bfdaf94c33fd22427142028c
    http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs4-dev_3.5.9-0ubuntu7.1_sparc.deb
      Size/MD5:  1376442 143bdcfb35b27ac8471cd3147fde0415
    http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs4c2a_3.5.9-0ubuntu7.1_sparc.deb
      Size/MD5:  9585790 68f8c46133112ac8f8928bfb1bb376c8



 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Ottawa Linux Symposium: May get by with a little help from its friends
Black Hat 2014: How to crack just about everything
NSA Playset, 911 hacked and war cats: A wild ride at DEF CON 22
More Details of Onion/Critroni Crypto Ransomware Emerge
Is there Another NSA Leaker? Updated
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.