In some instances KDE fails to properly quote parameters of instructions passed to a command shell for execution. These parameters may incorporate data such as URLs, filenames and e-mail addresses, and this data may be provided remotely to a victim in an e-mail, a webpage or files on a network filesystem or other untrusted source. By carefully crafting such data an attacker might be able to execute arbitrary commands on a vulnerable system using the victim's account and privileges.
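The bug class described above, as an added illustration that is not code from KDE or from this report: an application pastes an untrusted filename into a shell command line, and the same operation done with the parameter quoted, or with no shell at all. The program name (`echo`), the helper functions and the hostile filename are constructed for the example; `needs_quoting` is a review aid built on `shlex.quote`, which returns a string unchanged only when it contains no characters a POSIX shell treats specially.

```python
import shlex
import subprocess

# Constructed sample: a "filename" as it might arrive in an e-mail, a link,
# or a file on a network share. The second command is a harmless echo.
HOSTILE_NAME = "report.txt; echo INJECTED"


def build_command_unquoted(name: str) -> str:
    """Vulnerable pattern: the parameter is pasted into a shell command line
    without quoting, so ';' and friends are interpreted by the shell."""
    return "echo opening " + name


def build_command_quoted(name: str) -> str:
    """Hardened: shlex.quote() wraps the parameter so the shell sees it as
    one literal word."""
    return "echo opening " + shlex.quote(name)


def run_via_shell(command: str) -> list[str]:
    """Run a command line through /bin/sh and return its output lines."""
    result = subprocess.run(
        ["sh", "-c", command], capture_output=True, text=True, check=False
    )
    return result.stdout.splitlines()


def run_without_shell(name: str) -> list[str]:
    """Safest form: the parameter is its own argv element; no shell parses it."""
    result = subprocess.run(
        ["echo", "opening", name], capture_output=True, text=True, check=False
    )
    return result.stdout.splitlines()


def needs_quoting(value: str) -> bool:
    """True when a POSIX shell would interpret something in `value`.
    Handy when auditing code that builds command lines from user data."""
    return shlex.quote(value) != value


if __name__ == "__main__":
    # Unquoted: the shell runs two commands, the second under the caller's
    # account and privileges. Quoted or shell-free: a single command whose
    # argument is the whole hostile string.
    print(run_via_shell(build_command_unquoted(HOSTILE_NAME)))
    print(run_via_shell(build_command_quoted(HOSTILE_NAME)))
    print(run_without_shell(HOSTILE_NAME))
    print(needs_quoting("report.txt"), needs_quoting(HOSTILE_NAME))
```

The argv form (`run_without_shell`) is the fix to prefer: quoting is only needed because a shell is in the path, and removing the shell removes the whole class of mistakes.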
errata is in progress
This was fixed by http://rhn.redhat.com/errata/RHSA-2003-003.html which came out Mar 26
I'm a little confused. This vulnerability corresponds to: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1393 So it's been fixed in 2.1AS, but what about RH 7.{0,1,2}? There was a KDE update: https://rhn.redhat.com/errata/RHSA-2002-220.html but it doesn't list CAN-2002-1393 as being fixed. So it looks like 1393 is a valid issue for RH 7.{0,1,2} that isn't in Bugzilla. Or am I missing something?
Yes, Red Hat Linux 7.1, 7.2, 7.3, and 8.0 are vulnerable to CAN-2002-1393. An update that fixes this, and other vulnerabilities, is in progress and will be available shortly.