Bug 164487
| Summary: | CAN-2005-0205 kdenetwork- kppp local domain name hijacking | | |
|---|---|---|---|
| Product: | [Retired] Fedora Legacy | Reporter: | Marc Bejarano <bugzilla.redhat> |
| Component: | kdenetwork | Assignee: | Fedora Legacy Bugs <bugs> |
| Status: | CLOSED CANTFIX | CC: | deisenst |
| Severity: | medium | Keywords: | Security |
| Priority: | medium | Doc Type: | Bug Fix |
| Version: | unspecified | Last Closed: | 2007-04-12 00:38:37 UTC |
| Hardware: | All | OS: | Linux |
| URL: | http://rhn.redhat.com/errata/RHSA-2005-175.html | | |
| Whiteboard: | LEGACY, rh73, rh90, 1, NEEDSWORK | | |
| Bug Blocks: | 179804 | | |
Description
Marc Bejarano
2005-07-28 07:37:20 UTC
This issue was worked on for RHEL2.1 and RHEL3 in bug #148912. It is also known as KDE Advisory "advisory-20050228-1," at <http://www.kde.org/info/security/advisory-20050228-1.txt>

From that advisory:

"1. Systems affected:

"kppp as included in KDE up to including KDE 3.1.5. KDE 3.2.x and newer are not affected.

"2. Overview:

"kppp, if installed suid root, allows local attackers to hijack a system's domain name resolution function.

"A fix introduced for a similar vulnerability, added to the code base in 1998, was incomplete and can be bypassed.

"In 2002 a proper fix was made by Dirk Mueller for KDE 3.2 as part of a code audit. No advisory was issued because the problem was considered to be unexploitable at that time. iDEFENSE now rediscovered the issue and supplied an example exploit for this vulnerability.

"3. Impact:

"Modifications to /etc/hosts and /etc/resolv.conf can be done by local users which allows manipulation of host and domain name lookups, enabling other phishing and social engineering attacks."

This issue affects RHL7.3, RHL9, and FC1. Red Hat issued http://rhn.redhat.com/errata/RHSA-2005-175.html on this issue.

Red Hat Linux and Fedora Core releases <=4 are now completely unmaintained. These bugs can't be fixed in these versions. If the issue still persists in current Fedora Core releases, please reopen. Thank you, and sorry about this.