int(1177)

Vulnerability Bulletins


Múltiples vulnerabilidades en KDE

Vulnerability classification

Property Value
Confidence level Oficial
Impact Confidencialidad
Dificulty Avanzado
Required attacker level Acceso remoto con cuenta

System information

Property Value
Affected manufacturer GNU/Linux
Affected software KDE
Mandrake Linux 10.1
Mandrake Linux 10.1/X86_64

Description

Se han encontrado varias vulnerabilidades en algunos componentes de KDE. Las más severas constituyen fugas de información almacenada en memoria.

- libkdepim - El rellenado automático de datos de LDAP solo funciona la primera vez que se utiliza.
- certmanager - Se han detectado fugas de memoria en la aplicación.
- KMail antispam wizard - Se han detectado fugas de memoria en la aplicación.

Solution



Actualización de Software

Mandrake Linux
Mandrake Linux 10.1
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/kdepim-3.3.0-29.1.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/kdepim-common-3.3.0-29.1.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/kdepim-kaddressbook-3.3.0-29.1.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/kdepim-karm-3.3.0-29.1.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/kdepim-kmail-3.3.0-29.1.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/kdepim-knode-3.3.0-29.1.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/kdepim-knotes-3.3.0-29.1.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/kdepim-kontact-3.3.0-29.1.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/kdepim-korganizer-3.3.0-29.1.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/kdepim-korn-3.3.0-29.1.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/kdepim-kpilot-3.3.0-29.1.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/libkdepim2-common-3.3.0-29.1.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/libkdepim2-common-devel-3.3.0-29.1.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/libkdepim2-kaddressbook-3.3.0-29.1.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/libkdepim2-kaddressbook-devel-3.3.0-29.1.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/libkdepim2-kmail-3.3.0-29.1.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/libkdepim2-kmail-devel-3.3.0-29.1.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/libkdepim2-knode-3.3.0-29.1.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/libkdepim2-knode-devel-3.3.0-29.1.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/libkdepim2-kontact-3.3.0-29.1.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/libkdepim2-kontact-devel-3.3.0-29.1.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/libkdepim2-korganizer-3.3.0-29.1.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/libkdepim2-korganizer-devel-3.3.0-29.1.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/libkdepim2-kpilot-3.3.0-29.1.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/libkdepim2-kpilot-devel-3.3.0-29.1.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/SRPMS/kdepim-3.3.0-29.1.101mdk.src.rpm
Mandrake Linux 10.1/X86_64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/kdepim-3.3.0-29.1.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/kdepim-common-3.3.0-29.1.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/kdepim-kaddressbook-3.3.0-29.1.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/kdepim-karm-3.3.0-29.1.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/kdepim-kmail-3.3.0-29.1.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/kdepim-knode-3.3.0-29.1.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/kdepim-knotes-3.3.0-29.1.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/kdepim-kontact-3.3.0-29.1.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/kdepim-korganizer-3.3.0-29.1.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/kdepim-korn-3.3.0-29.1.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/kdepim-kpilot-3.3.0-29.1.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/lib64kdepim2-common-3.3.0-29.1.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/lib64kdepim2-common-devel-3.3.0-29.1.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/lib64kdepim2-kaddressbook-3.3.0-29.1.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/lib64kdepim2-kaddressbook-devel-3.3.0-29.1.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/lib64kdepim2-kmail-3.3.0-29.1.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/lib64kdepim2-kmail-devel-3.3.0-29.1.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/lib64kdepim2-knode-3.3.0-29.1.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/lib64kdepim2-knode-devel-3.3.0-29.1.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/lib64kdepim2-kontact-3.3.0-29.1.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/lib64kdepim2-kontact-devel-3.3.0-29.1.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/lib64kdepim2-korganizer-3.3.0-29.1.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/lib64kdepim2-korganizer-devel-3.3.0-29.1.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/lib64kdepim2-kpilot-3.3.0-29.1.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/lib64kdepim2-kpilot-devel-3.3.0-29.1.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/SRPMS/kdepim-3.3.0-29.1.101mdk.src.rpm

Standar resources

Property Value
CVE
BID

Other resources

Mandrakesoft Security Advisories(MDKA-2004:051)
http://www.mandrakesoft.com/security/advisories?name=MDKA-2004:051

Version history

Version Comments Date
1.0 Aviso emitido 2004-12-01
Ministerio de Defensa
CNI
CCN
CCN-CERT