Bug 165606

Summary: EMBARGOED CAN-2005-2101 langen2kvtml tempfile vulnerability
Product: [Fedora] Fedora
Reporter: Josh Bressers <bressers>
Component: kdeedu
Assignee: Than Ngo <than>
Status: CLOSED ERRATA
Severity: low
Priority: medium
Version: 4
CC: security-response-team
Target Milestone: ---
Keywords: Security
Target Release: ---
Hardware: All
OS: Linux
Whiteboard: impact=low,public=20050815,reported=20050809,source=vendorsec
Doc Type: Bug Fix
Last Closed: 2005-10-25 11:48:49 UTC
Attachments:
Description Flags
Proposed upstream patch none

Description Josh Bressers 2005-08-10 18:59:47 UTC
Ben Burton notified the KDE security team about several tempfile handling
related vulnerabilities in langen2kvtml, a conversion script for kvoctrain. The
script must be manually invoked.

The script uses known filenames in /tmp which allow a local attacker to
overwrite files writeable by the user invoking the conversion script.


This issue should also affect FC3
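
The failure mode described above, next to two standard mitigations, as an added example that is not part of the bug report or the upstream patch. It does not reproduce langen2kvtml: the file names, the choice of Python, and the sandbox directory standing in for /tmp are all assumptions.

```python
import os
import pathlib
import tempfile

FIXED_NAME = "convert.tmp"  # constructed stand-in for a guessable temp name

def unsafe_write(tmpdir, data):
    """Vulnerable pattern: fixed name, and open() follows an existing symlink."""
    path = os.path.join(tmpdir, FIXED_NAME)
    with open(path, "w") as f:
        f.write(data)
    return path

def exclusive_write(tmpdir, data):
    """Fixed name, but O_CREAT|O_EXCL refuses any existing entry, symlinks included."""
    path = os.path.join(tmpdir, FIXED_NAME)
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w") as f:
        f.write(data)
    return path

def safe_write(tmpdir, data):
    """Preferred: mkstemp() picks a random name and creates it with O_EXCL, mode 0600."""
    fd, path = tempfile.mkstemp(prefix="convert.", dir=tmpdir)
    with os.fdopen(fd, "w") as f:
        f.write(data)
    return path

def demo():
    """Run all three writers in a private sandbox directory standing in for /tmp."""
    results = {}
    with tempfile.TemporaryDirectory() as sandbox:
        target = pathlib.Path(sandbox, "users-file.txt")  # file the user can write
        target.write_text("original")
        os.symlink(target, os.path.join(sandbox, FIXED_NAME))  # pre-planted link
        unsafe_write(sandbox, "scratch data")
        results["unsafe"] = target.read_text()      # content was replaced
        target.write_text("original")
        try:
            exclusive_write(sandbox, "scratch data")
            results["exclusive"] = "written"
        except FileExistsError:
            results["exclusive"] = "refused"        # the link is detected, not followed
        path = safe_write(sandbox, "scratch data")
        results["mkstemp"] = (target.read_text(), os.stat(path).st_mode & 0o777)
    return results

if __name__ == "__main__":
    print(demo())
```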

Comment 1 Josh Bressers 2005-08-10 18:59:49 UTC
Created attachment 117621
Proposed upstream patch

Comment 2 Than Ngo 2005-08-10 20:25:26 UTC
It's now fixed in kdeedu-3.4.2-0.fc4.2 (FC4) and kdeedu-3.4.2-0.fc3.2 (FC3)

Comment 3 Mark J. Cox 2005-10-25 11:48:49 UTC
FEDORA-2005-745
FEDORA-2005-744