PT-2002-3165 · Kde+4 · Kdemultimedia+34

Published

1970-01-01

·

Updated

2016-10-18

·

CVE-2002-1247

CVSS v2.0

7.5

High

VectorAV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions kde-i18n-Catalan-3.0.3 version 3.0.3 kde-i18n-Danish-3.0.3 version 3.0.3 kde-i18n-Czech-3.0.3 version 3.0.3 kde-i18n-British-3.0.3 version 3.0.3 kde-i18n-Brazil-3.0.3 version 3.0.3 kde-i18n-Afrikaans-3.0.3 version 3.0.3 kde-i18n-Chinese-Big5 version 3.0.3 kde-i18n-Chinese-3.0.3 version 3.0.3 qt-3.0.5 version 3.0.5 kcharselect-3.0.3 version 3.0.3 kamera-3.0.3 version 3.0.3 kaboodle-3.0.3 version 3.0.3 kdict version 3.0.3 kdenetwork-2.2.2 version 2.2.2 kdesdk-3.0.3 version 3.0.3 karm-3.0.3 version 3.0.3 kdegraphics-devel-2.2.2 version 2.2.2 kdelibs-2.2.2 version 2.2.2 kdelibs-sound-2.2.2 version 2.2.2 kdelibs-sound-devel-2.2.2 version 2.2.2 kdebindings-3.0.3 version 3.0.3 kdenetwork-ppp-2.2.2 version 2.2.2 kdenetwork-3.0.3 version 3.0.3 kdeutils-3.0.3 version 3.0.3 kcoloredit-3.0.3 version 3.0.3 kdelibs-3.0.3 version 3.0.3 kdebase-3.0.3 version 3.0.3 kdegraphics-2.2.2 version 2.2.2 kdegraphics-3.0.3 version 3.0.3 kdemultimedia-3.0.3 version 3.0.3 kdeadmin-3.0.3 version 3.0.3 kdevelop-2.1.3 version 2.1.3 libmimelib-dev version not specified libmimelib1 version not specified korn version not specified libkdenetwork1 version not specified
Description The issue is related to multiple vulnerabilities in various packages of Red Hat Linux and Debian GNU/Linux operating systems. These vulnerabilities can be exploited to compromise the confidentiality, integrity, and availability of protected information. The exploitation can be carried out remotely or by a local attacker, depending on the specific vulnerability. In one case, a buffer overflow in LISa allows local users to gain access to a raw socket via a long LOGNAME environment variable for the resLISa daemon.
Recommendations As a temporary workaround, consider disabling the vulnerable functions until a patch is available. Restrict access to the vulnerable modules to minimize the risk of exploitation. Avoid using the vulnerable parameters in the affected API endpoints until the issue is resolved. For qt-3.0.5 version 3.0.5, update to a newer version. For kde-i18n-Catalan-3.0.3 version 3.0.3, update to a newer version. For kde-i18n-Danish-3.0.3 version 3.0.3, update to a newer version. For kde-i18n-Czech-3.0.3 version 3.0.3, update to a newer version. For kde-i18n-British-3.0.3 version 3.0.3, update to a newer version. For kde-i18n-Brazil-3.0.3 version 3.0.3, update to a newer version. For kde-i18n-Afrikaans-3.0.3 version 3.0.3, update to a newer version. For kde-i18n-Chinese-Big5 version 3.0.3, update to a newer version. For kde-i18n-Chinese-3.0.3 version 3.0.3, update to a newer version. For kcharselect-3.0.3 version 3.0.3, update to a newer version. For kamera-3.0.3 version 3.0.3, update to a newer version. For kaboodle-3.0.3 version 3.0.3, update to a newer version. For kdict version 3.0.3, update to a newer version. For kdenetwork-2.2.2 version 2.2.2, update to a newer version. For kdesdk-3.0.3 version 3.0.3, update to a newer version. For karm-3.0.3 version 3.0.3, update to a newer version. For kdegraphics-devel-2.2.2 version 2.2.2, update to a newer version. For kdelibs-2.2.2 version 2.2.2, update to a newer version. For kdelibs-sound-2.2.2 version 2.2.2, update to a newer version. For kdelibs-sound-devel-2.2.2 version 2.2.2, update to a newer version. For kdebindings-3.0.3 version 3.0.3, update to a newer version. For kdenetwork-ppp-2.2.2 version 2.2.2, update to a newer version. For kdenetwork-3.0.3 version 3.0.3, update to a newer version. For kdeutils-3.0.3 version 3.0.3, update to a newer version. For kcoloredit-3.0.3 version 3.0.3, update to a newer version. For kdelibs-3.0.3 version 3.0.3, update to a newer version. For kdebase-3.0.3 version 3.0.3, update to a newer version. For kdegraphics-2.2.2 version 2.2.2, update to a newer version. For kdegraphics-3.0.3 version 3.0.3, update to a newer version. For kdemultimedia-3.0.3 version 3.0.3, update to a newer version. For kdeadmin-3.0.3 version 3.0.3, update to a newer version. For kdevelop-2.1.3 version 2.1.3, update to a newer version. For libmimelib-dev version not specified, update to a newer version. For libmimelib1 version not specified, update to a newer version. For korn version not specified, update to a newer version. For libkdenetwork1 version not specified, update to a newer version. At the moment, there is no information about a newer version that contains a fix for libmimelib-dev, libmimelib1, korn, and libkdenetwork1.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Related Identifiers

BDU:2015-02941
BDU:2015-02942
BDU:2015-02943
BDU:2015-02944
BDU:2015-02945
BDU:2015-08019
BDU:2015-08020
BDU:2015-08021
BDU:2015-08022
BDU:2015-08023
BDU:2015-08024
BDU:2015-08026
BDU:2015-08027
BDU:2015-08029
BDU:2015-08034
BDU:2015-08035
BDU:2015-08036
BDU:2015-08037
BDU:2015-08039
BDU:2015-08041
BDU:2015-08044
BDU:2015-08046
BDU:2015-08048
BDU:2015-08050
BDU:2015-08051
BDU:2015-08053
BDU:2015-08055
BDU:2015-08088
BDU:2015-08089
BDU:2015-08090
BDU:2015-08091
BDU:2015-08092
BDU:2015-08094
BDU:2015-08095
BDU:2015-08096
BDU:2015-08097
BDU:2015-08099
BDU:2015-08101
BDU:2015-08104
BDU:2015-08106
BDU:2015-08209
CVE-2002-1247
DSA-193

Affected Products

Debian
Red Hat
Kaboodle
Kamera
Karm
Kcharselect
Kcoloredit
Kde-I18N-Afrikaans
Kde-I18N-Brazil
Kde-I18N-British
Kde-I18N-Catalan
Kde-I18N-Chinese
Kde-I18N-Chinese-Big5
Kde-I18N-Czech
Kde-I18N-Danish
Kdeadmin
Kdebase
Kdebindings
Kdegraphics
Kdegraphics-Devel
Kdelibs
Kdelibs-Sound
Kdelibs-Sound-Devel
Kdemultimedia
Kdenetwork
Kdenetwork-Ppp
Kdesdk
Kdeutils
Kdevelop
Kdict
Korn
Libkdenetwork1
Libmimelib-Dev
Libmimelib1
Qt