Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
First Last Prev Next    This bug is not in your last search results.
Bug 123232 - CAN-2004-0411 URI filtering vulnerability
CAN-2004-0411 URI filtering vulnerability
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: kdelibs (Show other bugs)
3.0
All Linux
medium Severity medium
: ---
: ---
Assigned To: Ngo Than
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2004-05-14 12:16 EDT by Mark J. Cox
Modified: 2007-11-30 17:07 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-05-17 17:09:37 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2004:222 high SHIPPED_LIVE Important: kdelibs security update 2004-05-17 00:00:00 EDT

  None (edit)
Description Mark J. Cox 2004-05-14 12:16:38 EDT 
iDEFENSE identified a vulnerability in the Opera web browser that
could allow remote attackers to create or truncate arbitrary files.
The KDE team has found that a similar vulnerability also exists
in KDE.

A flaw in the telnet URL handler can allow options to be passed to the
telnet program allowing file creation or overwriting. An attacker
could create a carefully crafted link such that when opened by a
victim it creates or overwrites a file with the victim's permissions. 

A workaround to this issue is to remove the file:
/usr/share/services/telnet.protocol

Red Hat Enterprise Linux 2.1 users who have applied any previous
kdelib erratum are not vulnerable to this issue, as our updates
shipped without a telnet.protocol file.

Embargoed until May17
Comment 1 Mark J. Cox 2004-05-14 12:17:59 EDT 
Additionally a flaw was found in the mailto: handler; this could allow
attackers to pass --display arguments to kmail in order to take
control of the victims machine.  This issue does affect RHEL2.1
Comment 2 Mark J. Cox 2004-05-17 07:36:08 EDT 
Now public; removing embargo:

http://www.kde.org/info/security/advisory-20040517-1.txt
Comment 3 Mark J. Cox 2004-05-17 17:09:37 EDT 
An errata has been issued which should help the problem 
described in this bug report. This report is therefore being 
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files, 
please follow the link below. You may reopen this bug report 
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2004-222.html
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.