CVE-2001-0496

Name of the Vulnerable Software and Affected Versions kdelibs versions 2.1.2 kdelibs-sound versions 2.1.2 kdelibs-devel versions 2.1.2 kdelibs-sound-devel versions 2.1.2

Description The issue allows local users to gain privileges due to the creation of world-readable temporary files containing authentication information by kdesu in the kdelibs package. This can lead to a violation of confidentiality, integrity, and availability of protected information. The exploitation of this issue can be carried out locally.

Recommendations For kdelibs version 2.1.2, consider disabling the kdesu function until a patch is available to prevent the creation of world-readable temporary files. For kdelibs-sound version 2.1.2, restrict access to sensitive information to minimize the risk of exploitation. For kdelibs-devel version 2.1.2, avoid using the vulnerable package for development purposes until the issue is resolved. For kdelibs-sound-devel version 2.1.2, apply configuration changes to limit the accessibility of temporary files created by kdesu. At the moment, there is no information about a newer version that contains a fix for this vulnerability.