Linux Security
    Linux Security
    Linux Security

    Debian: kdeadmin command execution vulnerability

    Date 22 Jan 2003
    Posted By LinuxSecurity Advisories
    By carefully crafting such data an attacker might be able to execute arbitary commands on a vulnerable sytem using the victim's account and privileges.
    - --------------------------------------------------------------------------
    Debian Security Advisory DSA 234-1                     This email address is being protected from spambots. You need JavaScript enabled to view it.                             Martin Schulze
    January 22nd, 2003             
    - --------------------------------------------------------------------------
    Package        : kdeadmin
    Vulnerability  : several
    Problem-type   : local, remote
    Debian-specific: no
    CVE Id         : CAN-2002-1393
    The KDE team discovered several vulnerabilities in the K Desktop
    Environment.  In some instances KDE fails to properly quote parameters
    of instructions passed to a command shell for execution.  These
    parameters may incorporate data such as URLs, filenames and e-mail
    addresses, and this data may be provided remotely to a victim in an
    e-mail, a webpage or files on a network filesystem or other untrusted
    By carefully crafting such data an attacker might be able to execute
    arbitary commands on a vulnerable sytem using the victim's account and
    privileges.  The KDE Project is not aware of any existing exploits of
    these vulnerabilities.  The patches also provide better safe guards
    and check data from untrusted sources more strictly in multiple
    For the current stable distribution (woody), these problems have been fixed
    in version 2.2.2-7.2
    The old stable distribution (potato) does not contain KDE packages.
    For the unstable distribution (sid), these problems will most probably
    not be fixed but new packages for KDE 3.1 for sid are expected for
    this year.
    We recommend that you upgrade your KDE packages.
    Upgrade Instructions
    - --------------------
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    Debian GNU/Linux 3.0 alias woody
    - --------------------------------
      Source archives:
          Size/MD5 checksum:      922 1c987ba703ca3f18c58d09828783cdbd
          Size/MD5 checksum:    23669 f767d5be73d74af4ffe36a368d364b96
          Size/MD5 checksum:   848413 d3e8bc7ae67b82d3a3e3f488fb690e1b
      Alpha architecture:
          Size/MD5 checksum:   153206 e708ef2b34d2e42475616f3dda45cbd3
          Size/MD5 checksum:   273182 2246d41c01dff1a56deee2c53fcf94c7
          Size/MD5 checksum:   230968 07913b8eb8622e57d3a99cf4f6ec6b69
          Size/MD5 checksum:   189834 11c550096b7eb87c215d67187048b91f
          Size/MD5 checksum:   110280 98e7c0cfd3e2edf630f7885b0a09211d
          Size/MD5 checksum:   216204 50b208e8d15a81ff45b46bc84235fa00
          Size/MD5 checksum:    23584 025b3e2217e3a12d80a37163da50777c
      ARM architecture:
          Size/MD5 checksum:   144850 9c680a3cf5bbb391fadb4734a7e0530b
          Size/MD5 checksum:   202178 8716c754bb0f45f63b9c6f6d51c44df4
          Size/MD5 checksum:   186018 3482c5c0af6528d44331b269165b307b
          Size/MD5 checksum:   149514 445fbe177f06551ae1bc43866cecddcf
          Size/MD5 checksum:    91434 852c61ff06504f467a21a2da8d89a015
          Size/MD5 checksum:   187684 8e9dfbecb9f6c772e60b68b7b6fe877d
          Size/MD5 checksum:    20394 d92b88ec72d4085ad75b45bc86687c44
      Intel IA-32 architecture:
          Size/MD5 checksum:   141688 f89893ede2df05e92e463864696f1897
          Size/MD5 checksum:   182192 e0d3620de12a3331ea2230d9b749bfae
          Size/MD5 checksum:   179986 24a8ff7a51ec008fd1c485f1d0905126
          Size/MD5 checksum:   151736 29c2e6e689fb4bec5ad4c2cf563f68d3
          Size/MD5 checksum:    91936 5bc7ee6fa4a9f95b727f1e8d19179962
          Size/MD5 checksum:   184704 22218d2ffd1e25e7ca695c534d6d8e5c
          Size/MD5 checksum:    93152 b7266d318e7c3fb098a18cc5c6aac69f
          Size/MD5 checksum:    21666 7c0c4059900ff35c2a6e705cebdb0a21
      Intel IA-64 architecture:
          Size/MD5 checksum:   169926 1ab6f22c96e0dbc0e06ac013d1ae8d57
          Size/MD5 checksum:   219624 1336ce2a99c9951e9e79bba6a907c8d2
          Size/MD5 checksum:   299542 ed0092e573f76061889a9e4ea8a40337
          Size/MD5 checksum:   228488 e61fc7237e729249c4c4368dcc0080e7
          Size/MD5 checksum:   129938 e7cd718dd2ac79bd396d268fb8ff8a62
          Size/MD5 checksum:   243448 24c2386d863e234db3f5bef9f328ea5c
          Size/MD5 checksum:    23552 dfd3a70e0d4c3ab8ad4efcccf99d9518
      HP Precision architecture:
          Size/MD5 checksum:   154410 d05f80703cce1c8c65516cea5dbcfe8a
          Size/MD5 checksum:   214620 383d6e1b41ca864580e32e5c5bbd6a4f
          Size/MD5 checksum:   222352 5e3806e74346ea3f6e688dd69043b89d
          Size/MD5 checksum:   185056 55ebbdd65448061c33e2ba67bf856bf7
          Size/MD5 checksum:   107830 9aad3783b609fc6bbdb8464ae1f2114e
          Size/MD5 checksum:   230638 aa3d3c62f36777242af5fa3e6febb1bf
          Size/MD5 checksum:    22844 dad913929d4fa96a75cddbc3e12a6211
      Motorola 680x0 architecture:
          Size/MD5 checksum:   140660 81928d11476e54e0d4e65323eb7997cc
          Size/MD5 checksum:   176254 ba9e6c6d244cfa9b39f3f5b694cea735
          Size/MD5 checksum:   175182 c72b39577f44ea72d2fd5d6cb96116b8
          Size/MD5 checksum:   147776 e16487ddb05b126469238a311bef26ef
          Size/MD5 checksum:    90996 a84d498d47f3d1b84f44f6f7c1b31c15
          Size/MD5 checksum:   179546 f7d3e2c057064b5db7e1d21a2af9c5a9
          Size/MD5 checksum:    22188 40f0ef43476b5ab15e38f92151ccc2fa
      Big endian MIPS architecture:
          Size/MD5 checksum:   138748 d4fc92d8e63db7c4bc9ce283c3db0bcf
          Size/MD5 checksum:   171894 e9c3ca67b8efb02cfa223ec6d6bdc9eb
          Size/MD5 checksum:   198818 15acce76e7269c632e70cb6fa40c457f
          Size/MD5 checksum:   171198 1abfb4306e6b910293f2b0357e3d4102
          Size/MD5 checksum:   100994 a8139081a311f207ef86491c1e5c6b5b
          Size/MD5 checksum:   196970 796e2792ec9ff4cffb90681596aa03da
          Size/MD5 checksum:    20238 8e3ed281344f001e6a530265ada7e8dc
      Little endian MIPS architecture:
          Size/MD5 checksum:   137978 75cba1cf426da9a96d0f4d0110b93872
          Size/MD5 checksum:   168956 7fca70632e404a388d7a0b304ce375dc
          Size/MD5 checksum:   196288 c54aacd4429b7db7fe18739816ea549d
          Size/MD5 checksum:   169274 299412cc5d7777fa2bd7eaeb5e5f4066
          Size/MD5 checksum:   100052 f758b5aa034b8317b41903ffeb89bea3
          Size/MD5 checksum:   195920 a8eb1cf2f428002162e89032a91bf409
          Size/MD5 checksum:    20212 b50b343b3aefae64983ca7779e3eafe9
      PowerPC architecture:
          Size/MD5 checksum:   143140 e9d58d07bed590dae8393f8507bc104b
          Size/MD5 checksum:   173694 45f02700ffd32dc5f1445ecf7fdc710c
          Size/MD5 checksum:   186486 67053abf6a72aea2489ff98a46bbe3ab
          Size/MD5 checksum:   149198 a90cc2acddaa0be636a768b045bf9031
          Size/MD5 checksum:    90394 ae5d36549896fa3d2bf01ebb824f728d
          Size/MD5 checksum:   183640 ba535d6ac7018426fe2bce0f66fff8bc
          Size/MD5 checksum:    20046 a517dc09778f2201871597dae584469e
      IBM S/390 architecture:
          Size/MD5 checksum:   145092 a607f2027b595b3567deb60d707e29b2
          Size/MD5 checksum:   157874 a210625ef3dc12004f4ff33226897d28
          Size/MD5 checksum:   187102 15c446268aec70e1003e2dbd2b4a8f6b
          Size/MD5 checksum:   157246 1b1be87e7aa8611a729994d047284be1
          Size/MD5 checksum:    94466 ec46801de7d047fb3745aa871549bf3d
          Size/MD5 checksum:   183150 4e8eedda1c9bd1a5d5c99cebc3909532
          Size/MD5 checksum:    22686 82dd34d13a7d7ef4fa5e5625f84c406e
      Sun Sparc architecture:
          Size/MD5 checksum:   143920 4526bfae965d9781fbfc20fb105e8cd8
          Size/MD5 checksum:   174906 0647efafe7c2f82ee469ba16339bfe43
          Size/MD5 checksum:   182022 82c38e45b6c859064165f74cac7677a1
          Size/MD5 checksum:   153808 d3e7428d284d292482f430a8d7e1459e
          Size/MD5 checksum:    91930 d5a23f597056e2aa63ce7b0823903802
          Size/MD5 checksum:   185334 71f00d15eb31577cef473419df247180
          Size/MD5 checksum:    20780 955eccfa7c277a049454d10735ce984f
      These files will be moved into the stable distribution after new KDE
      packages fhave been uploaded into unstable (sid) and compiled for
      all architectures.  
    - ---------------------------------------------------------------------------------
    For apt-get: deb stable/updates main
    For dpkg-ftp: dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    Package info: `apt-cache show ' and

    LinuxSecurity Poll

    Which is the best secure Linux distro for pentesting?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    [{"id":"174","title":"Kali Linux","votes":"20","type":"x","order":"1","pct":60.61,"resources":[]},{"id":"175","title":"Parrot OS","votes":"11","type":"x","order":"2","pct":33.33,"resources":[]},{"id":"176","title":"BlackArch Linux","votes":"2","type":"x","order":"3","pct":6.06,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

    Please vote first in order to view vote results.


    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.