Login
Newsletter
Werbung

Sicherheit: Überschreiben von Dateien in kdenetwork
Aktuelle Meldungen Distributionen
Name: Überschreiben von Dateien in kdenetwork
ID: DSA-692-1
Distribution: Debian
Plattformen: Debian woody
Datum: Do, 10. März 2005, 12:00
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0205
Applikationen: KDE Software Compilation

Originalnachricht

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

--------------------------------------------------------------------------
Debian Security Advisory DSA 692-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
March 8th, 2005 http://www.debian.org/security/faq
--------------------------------------------------------------------------

Package : kdenetwork
Vulnerability : design flaw
Problem-Type : local
Debian-specific: no
CVE ID : CAN-2005-0205

The KDE team fixed a bug in kppp in 2002 which was now discovered to be
exploitable by iDEFENSE. By opening a sufficiently large number of
file descriptors before executing kppp which is installed setuid root a
local attacker is able to take over privileged file descriptors.

For the stable distribution (woody) this problem has been fixed in
version 2.2.2-14.7.

The testing (sarge) and unstable (sid) distributions are not affected
since KDE 3.2 already contained the correction.

We recommend that you upgrade your kppp package.


Upgrade Instructions
--------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
--------------------------------

Source archives:

kdenetwork_2.2.2-14.7.dsc
Size/MD5 checksum: 902 ad4a663d3fa5d1f401c1de23b491ce24
kdenetwork_2.2.2-14.7.diff.gz
Size/MD5 checksum: 29835 f79db588c576a8cc1d5febb65f87f545
kdenetwork_2.2.2.orig.tar.gz
Size/MD5 checksum: 3319181 25fbfc5d2592937480c0d3796a2416e0

Alpha architecture:

kdict_2.2.2-14.7_alpha.deb
Size/MD5 checksum: 231920 c062aa249f621d5093ac193046c0cc80
kit_2.2.2-14.7_alpha.deb
Size/MD5 checksum: 154758 25dfcfccc46e8302663f11f09e9ce0c0
klisa_2.2.2-14.7_alpha.deb
Size/MD5 checksum: 189244 9a3a01822530a9caf7e93da2f19c5c0d
kmail_2.2.2-14.7_alpha.deb
Size/MD5 checksum: 999248 0fe2d1678cbd97f85c06fe446635d4e5
knewsticker_2.2.2-14.7_alpha.deb
Size/MD5 checksum: 439772 ec0df6689965ff930fc39389a220062e
knode_2.2.2-14.7_alpha.deb
Size/MD5 checksum: 1287724 55261a92f53b3cbb8c79e7211ee1f74e
korn_2.2.2-14.7_alpha.deb
Size/MD5 checksum: 98872 7560894ae27e663f2d93ec607409c043
kppp_2.2.2-14.7_alpha.deb
Size/MD5 checksum: 573268 4ce4e92f4e3701ddfbef30a1b24232e3
ksirc_2.2.2-14.7_alpha.deb
Size/MD5 checksum: 616134 e6db9edd89e99068dfb4962d77227fc7
ktalkd_2.2.2-14.7_alpha.deb
Size/MD5 checksum: 132672 986392b1fcb9512d701481ba1f2eda47
libkdenetwork1_2.2.2-14.7_alpha.deb
Size/MD5 checksum: 157194 22181b57e94cc748b81071102013ce78
libmimelib-dev_2.2.2-14.7_alpha.deb
Size/MD5 checksum: 61972 1a6e5c3c600f769c3311482ecf425256
libmimelib1_2.2.2-14.7_alpha.deb
Size/MD5 checksum: 100976 5904835da2cd71ec842b48f07decd436

ARM architecture:

kdict_2.2.2-14.7_arm.deb
Size/MD5 checksum: 212946 45522c8ab20279aa3b3374bcdb1fdc04
kit_2.2.2-14.7_arm.deb
Size/MD5 checksum: 133996 e278eae8705b87d5f5ffd9dfbadaa890
klisa_2.2.2-14.7_arm.deb
Size/MD5 checksum: 156152 97663f98edb7143ee2e17dd2b1a42452
kmail_2.2.2-14.7_arm.deb
Size/MD5 checksum: 877620 3900f5df53f382800914129f093fe7e4
knewsticker_2.2.2-14.7_arm.deb
Size/MD5 checksum: 396258 6b9647b9d7843e479c2858e38ac1a8a6
knode_2.2.2-14.7_arm.deb
Size/MD5 checksum: 1124596 faf4cd2531ad86c529092358bbf0f9a9
korn_2.2.2-14.7_arm.deb
Size/MD5 checksum: 76460 63d97144d27a6b1160987a4682dc2cde
kppp_2.2.2-14.7_arm.deb
Size/MD5 checksum: 510820 f8a36d212d66d9a8731fcc4ff07d72c5
ksirc_2.2.2-14.7_arm.deb
Size/MD5 checksum: 565032 0b6eca0cf2f9bda04ab1d5be5c4b1ee5
ktalkd_2.2.2-14.7_arm.deb
Size/MD5 checksum: 114408 7fd9dd9353b2f966997a13e1c39657ea
libkdenetwork1_2.2.2-14.7_arm.deb
Size/MD5 checksum: 138144 ee06c924c67e72ac15c496c276ca8833
libmimelib-dev_2.2.2-14.7_arm.deb
Size/MD5 checksum: 61980 d4ab5163a309a7563c3f527d471b3fa7
libmimelib1_2.2.2-14.7_arm.deb
Size/MD5 checksum: 83950 f538728666d2dc1e792b4dbeb304d922

Intel IA-32 architecture:

kdict_2.2.2-14.7_i386.deb
Size/MD5 checksum: 216168 425d9724e5bdd8b679465d29b5d441a6
kit_2.2.2-14.7_i386.deb
Size/MD5 checksum: 131558 0b6a6d33b9fc1628bb6bf0fa8c6c05cc
klisa_2.2.2-14.7_i386.deb
Size/MD5 checksum: 150600 4b54fb75103dc9b496257ae62999110a
kmail_2.2.2-14.7_i386.deb
Size/MD5 checksum: 853974 ed5d500200aa6d3ac50603a7abaa7109
knewsticker_2.2.2-14.7_i386.deb
Size/MD5 checksum: 398466 a827d74a3a1b4cc2166b4725128228ae
knode_2.2.2-14.7_i386.deb
Size/MD5 checksum: 1119246 4b9c8a40e44d7ffe1a0514c00a78acb5
korn_2.2.2-14.7_i386.deb
Size/MD5 checksum: 75616 79f18843cceb92ec0ab56d718371f2f9
kppp_2.2.2-14.7_i386.deb
Size/MD5 checksum: 505170 84ef6dc048b17a83b255328029fd23db
ksirc_2.2.2-14.7_i386.deb
Size/MD5 checksum: 523214 386b54bdf1be193252b01dab64de61a6
ktalkd_2.2.2-14.7_i386.deb
Size/MD5 checksum: 113912 39e30b21e9d72ae11c1e580583e25108
libkdenetwork1_2.2.2-14.7_i386.deb
Size/MD5 checksum: 132226 03a6d6b32235de5951d19b55193d03a3
libmimelib-dev_2.2.2-14.7_i386.deb
Size/MD5 checksum: 61976 0ee337b242468201abb584a0d8fdff92
libmimelib1_2.2.2-14.7_i386.deb
Size/MD5 checksum: 84400 2a65e91a0227977eb0799f03d15997c5

Intel IA-64 architecture:

kdict_2.2.2-14.7_ia64.deb
Size/MD5 checksum: 271428 13d34bcc5612037f1ed5e38c327b18f7
kit_2.2.2-14.7_ia64.deb
Size/MD5 checksum: 195250 0f1b94ddfabc738eea5a494da009fe44
klisa_2.2.2-14.7_ia64.deb
Size/MD5 checksum: 211244 169fa2479da182020cbf0cbe7bbca063
kmail_2.2.2-14.7_ia64.deb
Size/MD5 checksum: 1312676 ca746e02f515f905df8b93c9ae8ad94a
knewsticker_2.2.2-14.7_ia64.deb
Size/MD5 checksum: 522324 60fe69296eaabdf9888876a6fc45609d
knode_2.2.2-14.7_ia64.deb
Size/MD5 checksum: 1361276 4f6c6f35e5870518809de816b2e6330d
korn_2.2.2-14.7_ia64.deb
Size/MD5 checksum: 113980 e72a874bb9f0255ce026fab643a400c4
kppp_2.2.2-14.7_ia64.deb
Size/MD5 checksum: 640938 91663c130dbf218aaf2dc1f58ba72471
ksirc_2.2.2-14.7_ia64.deb
Size/MD5 checksum: 616206 63acd18fa8be291dc1a4f08d7b10b2ef
ktalkd_2.2.2-14.7_ia64.deb
Size/MD5 checksum: 145542 5201176ca0293d4c5cf225edadd2a759
libkdenetwork1_2.2.2-14.7_ia64.deb
Size/MD5 checksum: 207414 4cc81e5fe4e6993266ec6e17b9654cc5
libmimelib-dev_2.2.2-14.7_ia64.deb
Size/MD5 checksum: 61972 3d57c3fa4a6586673f2b70bc8dba7dd6
libmimelib1_2.2.2-14.7_ia64.deb
Size/MD5 checksum: 121768 e8a54b592d9c19cc6701971f11ce96fc

HP Precision architecture:

kdict_2.2.2-14.7_hppa.deb
Size/MD5 checksum: 244374 a0f353dd6bd567e2a0a6ebc07133d0d0
kit_2.2.2-14.7_hppa.deb
Size/MD5 checksum: 152382 fd84c2e0c229b2be7cba8e83eff5491c
klisa_2.2.2-14.7_hppa.deb
Size/MD5 checksum: 218256 642ae517cf2a019a8ef5ef441e47eedd
kmail_2.2.2-14.7_hppa.deb
Size/MD5 checksum: 978082 1f402b41af00b84fcab32f3076fac91d
knewsticker_2.2.2-14.7_hppa.deb
Size/MD5 checksum: 444044 8f2eda645c1be6b902d8153c3788e4bf
knode_2.2.2-14.7_hppa.deb
Size/MD5 checksum: 1253486 8c97128109fb068a565d796977d7e2d0
korn_2.2.2-14.7_hppa.deb
Size/MD5 checksum: 93316 a1b5351a07f78ffb1d97cef194f44b3a
kppp_2.2.2-14.7_hppa.deb
Size/MD5 checksum: 560966 04a440178ee803d38d8a4b135f5f6c7f
ksirc_2.2.2-14.7_hppa.deb
Size/MD5 checksum: 581718 dd67a0c663ffc062451ad4a697ed716e
ktalkd_2.2.2-14.7_hppa.deb
Size/MD5 checksum: 137114 4ff766ee408a2b34a4ab68a3697a71a5
libkdenetwork1_2.2.2-14.7_hppa.deb
Size/MD5 checksum: 169100 e2f5801c90dc9ca2fa5ebc03901d79f3
libmimelib-dev_2.2.2-14.7_hppa.deb
Size/MD5 checksum: 61990 cff80d65c68502adbe58b86e5705d430
libmimelib1_2.2.2-14.7_hppa.deb
Size/MD5 checksum: 116582 2c955eabc7a9349829e682d71f70a6f5

Motorola 680x0 architecture:

kdict_2.2.2-14.7_m68k.deb
Size/MD5 checksum: 212390 42c5aa7d1fafd8c3292344133c3ff10e
kit_2.2.2-14.7_m68k.deb
Size/MD5 checksum: 126124 86fe31b70a96d9cdebda3417d686984f
klisa_2.2.2-14.7_m68k.deb
Size/MD5 checksum: 141758 513d50e8e059c545efe09926ffb61d10
kmail_2.2.2-14.7_m68k.deb
Size/MD5 checksum: 813422 80a55cb3466cf015864c0dfd09d3fa30
knewsticker_2.2.2-14.7_m68k.deb
Size/MD5 checksum: 392468 aa28f33f4eea40cacf15ca6f9dafeefe
knode_2.2.2-14.7_m68k.deb
Size/MD5 checksum: 1097016 e9faf642d34f5422c406cbb61ec7f98c
korn_2.2.2-14.7_m68k.deb
Size/MD5 checksum: 75556 c610f743e612127e89af2bc0489acd8a
kppp_2.2.2-14.7_m68k.deb
Size/MD5 checksum: 498610 dd3235ca52c6abf03b19ba0882831658
ksirc_2.2.2-14.7_m68k.deb
Size/MD5 checksum: 552888 ddc1ff8ce246bd0c058fb68e16cc6b98
ktalkd_2.2.2-14.7_m68k.deb
Size/MD5 checksum: 113168 e0b8e92005d750cdee66bd9d53d20220
libkdenetwork1_2.2.2-14.7_m68k.deb
Size/MD5 checksum: 129314 4daef064a7add962261b1fda89ced072
libmimelib-dev_2.2.2-14.7_m68k.deb
Size/MD5 checksum: 61996 ad39c56ea585112ec3e313cb2b46987f
libmimelib1_2.2.2-14.7_m68k.deb
Size/MD5 checksum: 83126 8deaf8ef5cfbe53281f45bfecec2bb11

Big endian MIPS architecture:

kdict_2.2.2-14.7_mips.deb
Size/MD5 checksum: 214414 1f6a7909fef478c0be5a4efbdefc1a8d
kit_2.2.2-14.7_mips.deb
Size/MD5 checksum: 138510 50c47691d6142836a0b2e0b0ccb036c4
klisa_2.2.2-14.7_mips.deb
Size/MD5 checksum: 143832 ce3a8eb0f0e6aa02f8412cc237441127
kmail_2.2.2-14.7_mips.deb
Size/MD5 checksum: 913612 a532fed5f98b4a1482374e6865ac7f66
knewsticker_2.2.2-14.7_mips.deb
Size/MD5 checksum: 371522 4485746dc710f29222148d0b60136985
knode_2.2.2-14.7_mips.deb
Size/MD5 checksum: 1144780 e645f26e5e3bb99847007a9873907f79
korn_2.2.2-14.7_mips.deb
Size/MD5 checksum: 89424 e2631a52acbf8f2d72e51cb536629bcb
kppp_2.2.2-14.7_mips.deb
Size/MD5 checksum: 538680 7d0108dd5e4c1fdb16ca63d7ef4fa7aa
ksirc_2.2.2-14.7_mips.deb
Size/MD5 checksum: 478852 b06f1c5d209e08bf0da9a35697611636
ktalkd_2.2.2-14.7_mips.deb
Size/MD5 checksum: 116856 8ac8d3e82b4a3aee9559ac67c7b1f0f3
libkdenetwork1_2.2.2-14.7_mips.deb
Size/MD5 checksum: 125684 39427e852ed5d6538bdefa9765962efc
libmimelib-dev_2.2.2-14.7_mips.deb
Size/MD5 checksum: 61994 7c2dab0ac6d186e7abfcd39b60163e43
libmimelib1_2.2.2-14.7_mips.deb
Size/MD5 checksum: 86048 e5239eb89c6b62dbf50e9d1bc2be9dce

Little endian MIPS architecture:

kdict_2.2.2-14.7_mipsel.deb
Size/MD5 checksum: 212612 36290228b5e9470f5c0f55d3a4b4f717
kit_2.2.2-14.7_mipsel.deb
Size/MD5 checksum: 137028 52643c89cba627bde0885554631cb997
klisa_2.2.2-14.7_mipsel.deb
Size/MD5 checksum: 143760 f50a2d65658c6d1d8f7c00ed5d59083e
kmail_2.2.2-14.7_mipsel.deb
Size/MD5 checksum: 904790 96ce6525b2f92b9465d8127987c4e965
knewsticker_2.2.2-14.7_mipsel.deb
Size/MD5 checksum: 367678 ec8abb91e1637ce05d9ef342392a06b5
knode_2.2.2-14.7_mipsel.deb
Size/MD5 checksum: 1137570 570be26f41bd5af0313b06634beb54f5
korn_2.2.2-14.7_mipsel.deb
Size/MD5 checksum: 88472 3401319c4f9ec8a65e8c6f2dc65e5595
kppp_2.2.2-14.7_mipsel.deb
Size/MD5 checksum: 536250 8a04687face8273c57ea1710c64d6091
ksirc_2.2.2-14.7_mipsel.deb
Size/MD5 checksum: 457096 299733ca3de232730513b1f2a430503f
ktalkd_2.2.2-14.7_mipsel.deb
Size/MD5 checksum: 117396 92126c1b56d7f7a1788370fdfac64381
libkdenetwork1_2.2.2-14.7_mipsel.deb
Size/MD5 checksum: 124312 99f502f6a24ab811e53aec45bc99a136
libmimelib-dev_2.2.2-14.7_mipsel.deb
Size/MD5 checksum: 61988 f27bf97e847c1034b1d77424081dd2f6
libmimelib1_2.2.2-14.7_mipsel.deb
Size/MD5 checksum: 85784 f17e1f4b63d97be5f12a5d35939a320a

PowerPC architecture:

kdict_2.2.2-14.7_powerpc.deb
Size/MD5 checksum: 211536 b13f4ba2071cf2a111b9f905fdc8d36d
kit_2.2.2-14.7_powerpc.deb
Size/MD5 checksum: 131126 4be8e316147e1dccfd7db554515b9303
klisa_2.2.2-14.7_powerpc.deb
Size/MD5 checksum: 151970 310c2f13fc8fcc46c8b04baf507f0c66
kmail_2.2.2-14.7_powerpc.deb
Size/MD5 checksum: 873270 27f3e1cb9250307b1789b117a4830106
knewsticker_2.2.2-14.7_powerpc.deb
Size/MD5 checksum: 393734 53c9dd2b33ec5a1a9c63e8e2f90103ce
knode_2.2.2-14.7_powerpc.deb
Size/MD5 checksum: 1130986 6776dc47a7bee511eea63c79d365b3ca
korn_2.2.2-14.7_powerpc.deb
Size/MD5 checksum: 74506 8a13a8e62becdf57cddf291bb528ff0e
kppp_2.2.2-14.7_powerpc.deb
Size/MD5 checksum: 506732 d0b3440b8e3950b1d7442a997571dc28
ksirc_2.2.2-14.7_powerpc.deb
Size/MD5 checksum: 560866 9a79782fcd2b75b0161c7c6334942941
ktalkd_2.2.2-14.7_powerpc.deb
Size/MD5 checksum: 113534 d8bfcad5b0e0d26cd3ace2e4d3837771
libkdenetwork1_2.2.2-14.7_powerpc.deb
Size/MD5 checksum: 137918 ae89763d1d52b9c2e6c07b9fe5564e10
libmimelib-dev_2.2.2-14.7_powerpc.deb
Size/MD5 checksum: 61988 83eb5259a75448c7cbeb8d963baaea52
libmimelib1_2.2.2-14.7_powerpc.deb
Size/MD5 checksum: 87000 14002ca08bc122f8b3c33a5164a1fb28

IBM S/390 architecture:

kdict_2.2.2-14.7_s390.deb
Size/MD5 checksum: 226990 3aa8bcec731e1caea37336f503f5fa12
kit_2.2.2-14.7_s390.deb
Size/MD5 checksum: 133126 7defc32634822a8cf78bbaf323051ee2
klisa_2.2.2-14.7_s390.deb
Size/MD5 checksum: 147160 b81c26bacf121ca854693fb570006be5
kmail_2.2.2-14.7_s390.deb
Size/MD5 checksum: 853030 b49b6106478cdad6e18d5e8f4f2ef00f
knewsticker_2.2.2-14.7_s390.deb
Size/MD5 checksum: 396720 295ba60a0b113fccea5a5ef4c485885e
knode_2.2.2-14.7_s390.deb
Size/MD5 checksum: 1144764 4eebc4e456330e309f06680905bb1c8f
korn_2.2.2-14.7_s390.deb
Size/MD5 checksum: 78796 632b1f479f5fd11a75ff048313a6cdae
kppp_2.2.2-14.7_s390.deb
Size/MD5 checksum: 511178 304945afec80e1452d4b248e149017e9
ksirc_2.2.2-14.7_s390.deb
Size/MD5 checksum: 543494 525a56ba5ce5f010b56d341a9670c141
ktalkd_2.2.2-14.7_s390.deb
Size/MD5 checksum: 117838 d18e9f9a81aef02424af84e9872f479e
libkdenetwork1_2.2.2-14.7_s390.deb
Size/MD5 checksum: 141450 1ac79dad3e375f899cac9fc67ddba44c
libmimelib-dev_2.2.2-14.7_s390.deb
Size/MD5 checksum: 61982 04cf4eaf4805512619264c693a18081b
libmimelib1_2.2.2-14.7_s390.deb
Size/MD5 checksum: 87750 bc81ad77879cdd21513678ddaef4a71c

Sun Sparc architecture:

kdict_2.2.2-14.7_sparc.deb
Size/MD5 checksum: 219988 e69514ce418a494739f4e9895ef23197
kit_2.2.2-14.7_sparc.deb
Size/MD5 checksum: 134312 b86bf2a3986e9cd3717b9ed7eb0cd4d7
klisa_2.2.2-14.7_sparc.deb
Size/MD5 checksum: 151792 6f848409aee5ee107ce717da66176aeb
kmail_2.2.2-14.7_sparc.deb
Size/MD5 checksum: 865860 faa4c12f03efb6315a09261efa87d09b
knewsticker_2.2.2-14.7_sparc.deb
Size/MD5 checksum: 399696 81163830cb0714d3c51c8fbf896c07b5
knode_2.2.2-14.7_sparc.deb
Size/MD5 checksum: 1143614 4bfee91c7630cd3772fab3653062a55f
korn_2.2.2-14.7_sparc.deb
Size/MD5 checksum: 76504 cf4aded5651dccd288bc0fbb761af4b2
kppp_2.2.2-14.7_sparc.deb
Size/MD5 checksum: 508430 f4b1c7a9d3e3414c0488539d78561aaa
ksirc_2.2.2-14.7_sparc.deb
Size/MD5 checksum: 527196 c44a45c368718e535ba5d93b5386cb95
ktalkd_2.2.2-14.7_sparc.deb
Size/MD5 checksum: 119520 789f0ef1b8f4007d93d2d3d572d17d6f
libkdenetwork1_2.2.2-14.7_sparc.deb
Size/MD5 checksum: 136502 5cebdcccf9e9cbd098018b1612a6c0ac
libmimelib-dev_2.2.2-14.7_sparc.deb
Size/MD5 checksum: 61986 5f6d24da84d78b0e86c68206bc3960f3
libmimelib1_2.2.2-14.7_sparc.deb
Size/MD5 checksum: 84648 3d89f58c8a08b3be918d32c08972112c


These files will probably be moved into the stable distribution on
its next update.

--------------------------------------------------------------------------------
-
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-securitydists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)

iD8DBQFCLdlTW5ql+IAeqTIRAvveAJ9/4gKlw3RZsKk8MgEYpw/OXp4DeACeJQg7
fqRCLFunhL1w7aEJzaERcJM=
=VOk5
-----END PGP SIGNATURE-----


--
To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung