Bug 165606 - EMBARGOED CAN-2005-2101 langen2kvtml tempfile vulnerability
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: kdeedu
Version: 4
Hardware: All
OS: Linux
Priority: medium
Severity: low
Target Milestone: ---
Assignee: Than Ngo
QA Contact:
URL:
Whiteboard: impact=low,public=20050815,reported=2...
Depends On:
Blocks:
Reported: 2005-08-10 18:59 UTC by Josh Bressers
Modified: 2007-11-30 22:11 UTC

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2005-10-25 11:48:49 UTC
Type: ---
Embargoed:


Attachments
Proposed upstream patch (1.83 KB, patch)
2005-08-10 18:59 UTC, Josh Bressers

Description Josh Bressers 2005-08-10 18:59:47 UTC
Ben Burton notified the KDE security team about several tempfile handling
related vulnerabilities in langen2kvtml, a conversion script for kvoctrain. The
script must be manually invoked.

The script uses known filenames in /tmp which allow a local attacker to
overwrite files writeable by the user invoking the conversion script.


This issue should also affect FC3

Comment 1 Josh Bressers 2005-08-10 18:59:49 UTC
Created attachment 117621
Proposed upstream patch

Comment 2 Than Ngo 2005-08-10 20:25:26 UTC
It's now fixed in kdeedu-3.4.2-0.fc4.2 (FC4) and kdeedu-3.4.2-0.fc3.2 (FC3).

Comment 3 Mark J. Cox 2005-10-25 11:48:49 UTC
FEDORA-2005-745
FEDORA-2005-744
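
The pattern reported in the description (a known filename in a shared temporary directory) next to the usual `mktemp` fix, as an added example that is not part of this bug report or of the upstream patch. It assumes a POSIX shell with `mktemp`; the function names, `convert.tmp` and the sandbox layout are constructed for illustration, and a private sandbox directory stands in for /tmp.

```shell
#!/bin/sh
# Added example (constructed). Nothing here is taken from langen2kvtml.

# Weak pattern: a predictable name in a shared directory. The redirect reuses
# whatever already exists at that path, including a link to another file.
convert_weak() {    # $1 = shared temp dir, $2 = text to write
    tmp="$1/convert.tmp"
    printf '%s\n' "$2" > "$tmp"
    cat "$tmp"
}

# Hardened pattern: mktemp creates a new file with an unpredictable name and
# mode 0600, and fails rather than reusing a path that already exists.
convert_safe() {    # $1 = shared temp dir, $2 = text to write
    tmp=$(mktemp "$1/convert.XXXXXX") || return 1
    printf '%s\n' "$2" > "$tmp"
    cat "$tmp"
    rm -f "$tmp"
}

# Runs one variant in a throwaway sandbox and prints what the user's own file
# contains afterwards. $1 = weak | safe
demo() {
    sandbox=$(mktemp -d) || return 1
    mkdir "$sandbox/tmp" "$sandbox/home"
    # A file writable by the user who invokes the conversion (constructed).
    printf 'important data\n' > "$sandbox/home/notes.txt"
    # The known temp name already exists as a link before the script runs.
    ln -s "$sandbox/home/notes.txt" "$sandbox/tmp/convert.tmp"
    "convert_$1" "$sandbox/tmp" "converted output" > /dev/null
    cat "$sandbox/home/notes.txt"
    rm -rf "$sandbox"
}

echo "fixed name: user's file now contains: $(demo weak)"
echo "mktemp:     user's file now contains: $(demo safe)"
```
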

