PT-2006-7555 · Kde+1 · Xfonts-Konsole+4

Ludwig Nussel · Published 1970-01-01 · Updated 2018-10-18 · CVE-2006-2449

CVSS v2.0: 4.0 Medium
Vector: AV:L/AC:H/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions

KDE Display Manager (KDM) versions 3.2.0 through 3.5.3
kdebase versions prior to 3.5.2-r2
kdebase3-kdm (affected versions not specified)
xfonts-konsole (affected versions not specified)

Description

The issue allows local users to read arbitrary files via a symlink attack related to the session type for login, potentially leading to a breach of protected information. The issue can be exploited locally.

Recommendations

For KDE Display Manager (KDM) versions 3.2.0 through 3.5.3, update to a version later than 3.5.3 to resolve the issue.
For kdebase versions prior to 3.5.2-r2, update to version 3.5.2-r2 or later.
For kdebase3-kdm, there is currently no information about a newer version that contains a fix for this vulnerability.
For xfonts-konsole, there is currently no information about a newer version that contains a fix for this vulnerability.

Related Identifiers

BDU:2015-02787
BDU:2015-04881
BDU:2015-09508
CVE-2006-2449
DSA-1156
RHSA-2006:0548
RHSA-2006_0548

Affected Products

Kde Display Manager
Red Hat
Kdebase
Kdebase3-Kdm
Xfonts-Konsole