CVE-2014-6055

Name of the Vulnerable Software and Affected Versions kdenetwork-kopete-devel versions 4.10.5 kdenetwork-krdc versions 4.10.5 kdenetwork-kopete versions 4.10.5 kdenetwork versions 4.10.5 kdenetwork-krfb-libs versions 4.10.5 kdenetwork-kget-libs versions 4.10.5 kdenetwork-kdnssd versions 4.10.5 kdenetwork-krfb versions 4.10.5 kdenetwork-fileshare-samba versions 4.10.5 kdenetwork-devel versions 4.10.5 kdenetwork-common versions 4.10.5 kdenetwork-krdc-devel versions 4.10.5 kdenetwork-krdc-libs versions 4.10.5 kdenetwork-kget versions 4.10.5 kdenetwork-kopete-libs versions 4.10.5 kdenetwork-debuginfo versions 4.10.5 LibVNCServer versions 0.9.9 and earlier

Description The issue is related to multiple vulnerabilities in various packages of the kdenetwork suite, which can lead to a disruption of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely by an authenticated attacker. Additionally, there are stack-based buffer overflows in the File Transfer feature of LibVNCServer, which can cause a denial of service and possibly allow the execution of arbitrary code.

Recommendations For kdenetwork-kopete-devel version 4.10.5, restrict access to the vulnerable components until a patch is available. For kdenetwork-krdc version 4.10.5, consider disabling the vulnerable features to minimize the risk of exploitation. For kdenetwork-kopete version 4.10.5, avoid using the vulnerable parameters in the affected API endpoints until the issue is resolved. For kdenetwork version 4.10.5, restrict access to the vulnerable modules to minimize the risk of exploitation. For kdenetwork-krfb-libs version 4.10.5, consider disabling the vulnerable functions until a patch is available. For kdenetwork-kget-libs version 4.10.5, avoid using the vulnerable variables in the affected API endpoints until the issue is resolved. For kdenetwork-kdnssd version 4.10.5, restrict access to the vulnerable components until a patch is available. For kdenetwork-krfb version 4.10.5, consider disabling the vulnerable features to minimize the risk of exploitation. For kdenetwork-fileshare-samba version 4.10.5, avoid using the vulnerable parameters in the affected API endpoints until the issue is resolved. For kdenetwork-devel version 4.10.5, restrict access to the vulnerable modules to minimize the risk of exploitation. For kdenetwork-common version 4.10.5, consider disabling the vulnerable functions until a patch is available. For kdenetwork-krdc-devel version 4.10.5, avoid using the vulnerable variables in the affected API endpoints until the issue is resolved. For kdenetwork-krdc-libs version 4.10.5, restrict access to the vulnerable components until a patch is available. For kdenetwork-kget version 4.10.5, consider disabling the vulnerable features to minimize the risk of exploitation. For kdenetwork-kopete-libs version 4.10.5, avoid using the vulnerable parameters in the affected API endpoints until the issue is resolved. For kdenetwork-debuginfo version 4.10.5, restrict access to the vulnerable modules to minimize the risk of exploitation. For LibVNCServer versions 0.9.9 and earlier, update to a version later than 0.9.9 to mitigate the risk of exploitation.